This seems to be signal monitoring and statistics collection process. Do not have PPP configured right now, so cannot compare CPU usage.

well yeah your automatic rules would of been natting that source network for you.  You might have been able to just use hybrid since I believe the hybrid rules are evaluated first.

Understood!  Thank you for your in-site and your time!

Probably in the Traffic Shaping forum, where people post questions about the traffic shaper and quality of service.

There's FreeBSD port for sshguard-pf 1.6.4 You could install the pkg from the FreeBSD repo. Not sure how hard it would be to get it working with pfSense.

Status->DHCP leases

Which Networkcard should I use in KVM for the pfSense VM? Intel E1000 VirtIO (Paravirtualized) Realtek RTL8139 VMWare vmxnet3 Thank you!

I'm pretty sure mermen's issue is a defect with the pfSense package for ntopng. The core issue is that the current package does not support use of HTTPS. If you are using HTTPS for the webgui you cannot access ntopng by hostname because of HSTS. Only HTTP by IP address will work. This is discussed here: https://forum.pfsense.org/index.php?topic=110026.msg643065#msg643065 There is an outstanding PR for the pfSense package for ntopng to address this. [edited for politeness and clarity]

The links below should help you figure out what ports you will need to forward and how to setup port forwarding in pfSense. https://community.netgear.com/t5/ReadyCLOUD/RN104-Router-Ports-to-open/td-p/948497 https://community.netgear.com/t5/ReadyCLOUD/ReadyNAS-102-ReadyCloud-Cannot-Discover-Device/td-p/922769 https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense https://forum.pfsense.org/index.php?topic=55676.0 Not sure how you are going to use ReadyCloud but if I were you I would setup a VPN on pfSense then use a VPN client to connect to your LAN to get to whatever files you want.

Perfect - Thanks Jimp!

Sorry for the slow reply. Thanks for this, will try that tomorrow if I can get it working it will be really helpful.

Thank you all for your replies. Quite interesting to have different views on the situation. I use the vpn service so my pfsense is not only used as a fw. In the meantime I also activated egress filtering. For some of you maybe overkill, but it's also to learn how to use the pfsense (making aliasses and rules, check my fw logs etc..). @chris4916: Are you hosting internal services exposed to internet? NO Do you need remote access to your LAN? YES Do you need to segregate internal subnets? Isolate guest wifi from LAN… Not today, but could be in the near future. @chris4916: all-in-one UTM will do the job with less  flexibility but more efficiency… if you don't know how it works behind. Well apart from protecting my situation, I'd like to learn how it works behind. It's fascinating. @Harvy66: Don't forget to teach your children how to be responsible Internet citizens and not get virii. I got a virus once when I was 7, it was from a floppy disk I got from a friend. I have never gotten malware or a virus since. I absolutely agree on that point too. @pleriche: Regarding pfSense I'm a bit of a noob round here but I would humbly suggest that what you need is a UTM rather than a firewall such as pfSense. I'll have a look at that UTM stuff. @jahonix: Personally I would separate my network in trusted and untrusted subnets with the kid's gear being in "untrusted". This way they cannot infect parents stuff. With vlans, yes this could be an option too. But the "untrusted" part will need access to the "trusted" part. For example: ipad is using application to navigate in the gui of the Kodi Media Player. I'll have to check that. Again, thank you all for the interesting advises.

Hi John, I've finally created the tutorial! You can check it here: https://forum.pfsense.org/index.php?topic=116980.0

If you run the manual ruleset reload command at the CLI (or from Diag > Command Prompt) it will report the error that is causing that. Almost certainly an unpopulated alias that pfBlocker created in that case. pfctl -f /tmp/rules.debug https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting#Ruleset_Loading Steve

it works connecting it via a switch. will keep it that way, still i need to separate the dhcp pool from my LAN. I have created an aditional dhcp pool (in the same network) but i'm not able to make it use that one only. like force all requests comming from ESXi to be served from that pool. Any clue on this?