Looks to be a "bug" or at least a deficiency in the system? https://redmine.pfsense.org/issues/4474

All you need to backup is the config.xml (Diag > Backup/Restore). You can reinstall + restore faster than you could image the disk back.

Normally when you put a wifi router into bridge mode the wifi would be disabled, if yours is still on - I would connect to it and disable it.  If you can not connect to it while in bridge mode then put it back in router mode, disable the wifi and then back to bridge. As stated if you want to use vlans with your wireless network - get a AP that supports them, and make sure your switch supports them as well.  Unifi makes reasonable priced AP that do vlans, the latest gen AC lite model is under $100 - I have multiples SSIDs running on different vlans.

Hello marvosa, thank you for your reply. Yesterday I figured it out. I didn't use Outbound NAT which solved my problem  :D Markus

We have had a couple reports of crashes in dnsmasq on 2.2.6, there is a thread with a fix you can try. Alternately, install the service watchdog package and have it monitor dnsmasq to restart it when needed.

it's been several days I'm working on but I do not find solution !!!! I found that : https://www.reddit.com/r/PFSENSE/comments/3hk4f1/openvpn_logging_format_grok_is_killing_me/ Laurent

I found a regex that matches: regexp=(\w+\s+\d{1,2}\s+\d\d:\d\d:\d\d)\s+([\w-_]+|\d+.\d+.\d+.\d+)\s+.(\d+):\s+(\d+):\d+.{(\w+).}\s+([\d.]+):(\d+).*\s+([\d+.]+):?(\d+)? https://www.alienvault.com/forums/discussion/comment/13034/#Comment_13034 This post can be closed.

Nice to hear , that the problem is solved ;-) Grtz DeLorean

It depends entirely on what you want to do. If you want to manage site blacklists and such, then Squid/Squidguard would be a good way of accomplishing that. If you want to log/view traffic, then Ntop is the answer. There are no real "must-have's" - just install what you need to do the job. To see how much disk space you have, click on 'Diagnostics/Command prompt'. Type 'df -h' in the field below 'Execute Shell comamnd' and then click on the 'Execute' button. The dashboard also shows disk usage near the bottom.

All NICs are available leading me to believe that the problem is intermittent. I haven't had a chance to rebuild my pfSense yet, but am gearing up to do so soon. In order to isolate the problem, I will be redoing the NIC configuration. In my previous config I had the WAN running on the on board Intel NIC. I will change this to the LAN port. The other NIC is a dual port Intel pro/1000. Question? Would it be recommended to run both the WAN port and VLAN on the dual port NIC? Or should the WAN be on it's own dedicated card? I have one PCI x1 slot left if necessary to add an additional card. The issue is finding a compatible half-height legacy PCI Intel NIC that would fit in the M58P.

Hmm, so so there are new found issues with the old box. I plug it in and swap over all the interface cables, and get logged in. A couple of the wan ports are down, so I bounce the dsl modems. They all come back up but something strange, wan 1 and 3 have identical gateways.  Power cycle again and same thing… very strange. I cannot resolve any external host, nothing.  Check the General Setup and yes there are 5 DNS servers specified.  All the interface settings are right. So I delete wan 2 and 3, the GW group and verify the firewall rules are now looking at * for a GW.  still no internet access, no DNS resolution. Check the DHCP leases and my IP is not listed.  release/renew have a valid IP.  Refresh the DHCP Leases page and mine is still not listed.  Change the primary and secondary DNS server, release/renew I have them.. the two new DNS IP's but still my leases does not appear in the list. So I swap back to the new box to post this reply.  I sear on my mothers grave that the old box worked when removed from service roughly a month ago now.

Looks like I've solved the issue. In my case I had to disable beastie from boot. My /boot/loader.conf.local is as following loader_delay="9" beastie_disable="YES" Already rebooted few time and works like a charm. Also I encountered the same issue using USB HDD and Full Pfsense install -> did it to troubleshoot. That makes me lean towards some wiered USB controller issue and beastiie.

update: actually I have the bridge between wifi and ethernet fully working but: there is no way to tell the fw to pass connection to a server that resides on a 3rd lan over ethernet and block it over wifi. I mean the rule should be in the bridge tab so will work for both and filtering by ip or mac is not an option. rules on eth and wifi only works between the two (I can block any wifi from accessing a machine connected to eth for example). also sidesync does not work, I can see cp and smarphone tries to connect but no way. broadcast is the same because I had only assigned ip and dhcp to the bridge interface. should I assign ip and dhcp to both wifi and eth but on same broadcast? I can't try if it works because sidesync is not working so result will not change. I guess that if I do that I will have a gateway on each eth and wifi interface so I Can decide who can see server on the 3rd lan. IS this my fault or should this config work even if it does not? Also I am not abla to go over 600mbps without jumbos and with jumbo I trigger lot of problems in the wifi that is the only 1500mtu lan here (still not debugged) thank you for the time you put on this post  :)

Yes. Polling fixed it.

Thanks for the rapid feedback.  I was afraid that would be the answer.  I'm comfortable enough with the recovery process.  It's only inconvenient because the hardware I need to boot from the console is buried in the back of a room full of boxes right now, and I'm disabled.  I guess, I'll call a friend to come over and help dig it all out. Much appreciated. Dave

@Potestatem: Is there some setting I'm missing or something? Hard to say (based on the provided information) Check: https://doc.pfsense.org/index.php/Connectivity_Troubleshooting

I can't customize directly on the proxy servers that i want to monitor but your suggestion is a very good one and i will make some test to see if i can produce the report the HTTP monitor need across the proxy to that custom URL on a web server we own. Here an example of a simple script i run on the pfsense box that give me the right result but unable to get work using the usual HTTP monitor. #!/bin/sh GETPROX=printf "GET http://www.google.com\r\n\r\n"" | nc $1 80 | head -n1 PROXR=echo $GETPROX | grep "200 OK" if [ -z "$PROXR" ] then         echo 0 else         echo 1 fi

Have you tried with the Interface in promiscuous mode ? (as mentioned at the linked article)