@doktornotor: It notifies you just fine when the IP changes. Not really sure why would you like to be notified when nothing changed. It does notify me when my ip changes?  How does it notify me?  I have notification setup via email in the webgui, do ip changes automatically send me an email by default?

This is what is in my advance box, I'm pretty sure you are right though, it is probably something in here: remote-cert-tls server;comp-lzo no;verb 4;explicit-exit-notify 5;key-direction 1;auth SHA1;keysize 256;key-method 2;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA; I just updated to 60 internet today, clearing all my logs and see what I get, pretty sure it will be the exact same.  Nice though, going through the tunnel I get 60, outside the tunnel 70.

Yeah I see that now. Thanks. I changed it to em0 and it complained so I changed it to WAN and lost LAN connectivity to it completely after applying. I will go by there tomorrow and restart it. Thanks again.

Thank you, will do as you suggested. Today is a working day, should schedule for further testing  :o

so it seems its very serious product. are there any case studies about it ? and deployement scenarios where one could read them to get more insight into it ? i need to understand it more .. maybe i might recomend it at some point if asked by someone.. i am following on this forum and wiki and general internet though . .

was it working earlier ? with which device? if it was working with pfsense and your pfsense is wokring on another ppoe then the ntu might be the culprit .. have you tried to ask them to change the port on ntu ? also can you try connecting the cable to any pc (windows ?) and configure ppoe and try connecting if it works ? if it was working on another device and nwo you introduced pfsense then you should give mac spoofing a try..

i have adsl modem running in bridge mode.. ppoe is configured on ddwrt. after some reading i found that my packets wont fragment if payload is set to 1464 bytes so add 28 bytes to it my max and optimum mtu is 1492.

Folks, problem solved – after update the issue disappeared. Hope this helps you, too. Cheers, Cyberax. :)

Determine if apinger is detecting and marking the interface down. Maybe try increasing the apinger down threshold.  Or disable apinger to see if that helps.

Suggest starting a new thread for this non related topic. Edit / Update: Oh I see you did that already. @shuhdonk: Thanks all for the help and suggestions, I appreciate it.  I have another non related issue. How do I determine why occasionally lose internet connection for just a brief moment a few times a day since putting this pfsense box up, no issues at all with my connection before the pfserver.  What should I look into to see if anythings shows up anywhere?  I assume logs, but which logs, how?  what am I looking for? thanks again!

I'm not sure what you accomplished Heper?  Are you saying pass all https traffic Wan 1 or 2, not balanced? If not, different tier relative to what, the load balance tier 1?  I have the same issue.  I first plopped a Lan pass rule putting all https on Wan2 just above the loadbalance catchall (Wan1+2) at the bottom. Problem is Netflix is on https so the balance becomes very imbalanced. Another issue is dynamic "per ip" rate limiting. I limit, on the loadbalance rule, with values just below the aggregate of Wan1+2 both having an equal provision. However, load balance is never equal and gets more unbalanced when sticky connections are applied so the modem buffer gets hit on occasion increasing latency during high load.  I can't figure out a way to apply separate limiters on each Wan and still load balance both Wan's.

Suggestion: Upgrade your pfSense to a version with uptodate timezone data…

An example of telnetting into a mailserver with different codes that might be shown by some mailservers, could also be tried from a lan side machine https://technet.microsoft.com/en-us/library/aa995718%28v=exchg.65%29.aspx https://www.port25.com/how-to-check-an-smtp-connection-with-a-manual-telnet-session-2/ As its likely going to be coming from pfsense itself, you might need to create/allow a rule from ThisFirewall to your email server destination on which ever interface your mail server resides on. I only say this because you can see some things like DNS lookups in the fw logs and these are allowed by default, but mail server comms may possibly not be enabled/allowed by default on some/all interfaces from the firewall.

o snap…i forgot i had to port forward 10000-20000 for VOIP lol

@Killertjuh A little tip if you didnt already know which you might find useful for interpreting firewall logs, in Status, System Logs, Settings tab, there is a drop down option called Filter Descriptions. If you change it to Display as Column, you can see which rule blocked the packet which can make things easier to workout what rules might be in the wrong order or not correct in some way. fwiw. Edit. I also increase the GUI Log Entries to Display on the same tab to 2000 which is handy for seeing more info and I see you already have your logs set to display in reverse order. The increase is necessary when you have lots of traffic and/or interfaces and theres nothing stopping you from right mouse clicking on the Firewall, Normal View tab so you get a new browser tab opened up showing the latest firewall log, if you need to see more than say 2000 entries from the gui.

What real life elements are you looking to replicate in your lab experiment? One way you could do this, is load up virtualworks/vmware workstation onto a decent desktop pc, create a couple of virtual guests running pfsense and run the vpn that way, all from one desktop. Add in different virtual guest OS's to add to the realism. VMware Workstation and Virtual Work will let you set up a good number of virtual networks as well, plus you could also plug it into your live network to further add & test the realism in your lab experiment.

The first doesn't seem to be an issue. Just IRC running over a non-standard/ default port. However, the second is related to Dealply, an adware extension/ add-on for browsers. It's normally installed as a bundle with some 'freeware' programs. You can check the computer for this and remove it. See: https://malwaretips.com/blogs/dealply-adware/

It has an: Atom Z3735F @ 1.33GHz - roughly 3-4x as powerful as the atom in those old 2010 netbooks. 2GB DDR3 ram 32GB Nand SSD B/G/N Wfi + 4.0 Bluetooth 100mbit NIC - I assume its a realtek Power usage however I'm not sure, description says 12V 2.4A but the box says 5V on it, but as with most of these mini PCs I'd say the ladder 5V and at most 3A or 15W max as these things don't draw a lot of power which is great. I can't say for sure if it supports vlans, however even the cheapest realtek nics support vlans right? I mean even though I haven't tried it yet but if vlans work on my netbook I don't see any reason why they wouldn't work on a newly made mini PC.