@viragomann thanks ! --> solved

DNSMasq is not enabled by default in pfSense. It's mostly included for backward compatibility. Those issues look to be mostly DNSSec related which is not used in DNSMasq in pfSense, you should use Unbound if you want DNSSec. Any updates will be in the upcoming 2.5 release though. Steve

@emammadov I don't know if anyone fixed this - but I'm just typing this for anyone who might need it as I did. I wrote a small bookmarklet in javascript that selects all days in the current month. It can be expanded to select the whole year at once. As far as I care - they can even integrate it in the main interface, for easier management of the schedule dates... Here it is: https://jsfiddle.net/lovetruth/bdLnhw3m/2/ and the code inside the js section can be transformed easily into a bookmarklet using this site: https://www.yourjs.com/bookmarklet/ And then you just drag and drop your converted blue bookmarklet into your bookmarks bar and use it whenever you have the calendar of the firewall schedules in front of you. Success!...

@stephenw10 It is just a single static IP, so I think it should just connect. This morning I will spin up a fresh virtual pfsense just to make sure its not somehow corrupted. Thanks

@scratchydog the ECC ram is hard, if not nearly impossible, to find. I've seen posts from people saying they use non-ECC just fine. If you search this forum or Google you should get to those threads.

You could implement a UTM like Untangle in bridge mode and leverage the Bandwidth control app to severely limit the bandwidth available to the application. This would effectively stop the downloading.

@bergischweb I seem to be having the same issue. I haven't changed anything in Pfsense, but starting yesterday my M1 Macbook no longer can access internet. I can open other items on the network - but NOT 192.168.1.1 for Pfsense page. On my windows laptop everything works normally. I rebooted into recovery on the mac and have the same issue. Also restarted my Pfsense box. I haven't really setup anything in Pfsense yet - only 1 forwarding setup for plex and parsec. Did you find a solution?

Almost impossible to say without more info from the problem install. Switching from DHCP to PPPoE would not normally be an issue. It sounds like you may have had an old gateway still present though. If that was still set as default you would have seen connectivity issues. Steve

I wouldn't expect to see any difference in the IGMPproxy in pfSense simply changing the interface. However I also wouldn't expect it to work unless you are also proxying the IGMP in the downstream router. Steve

It might be possible, at least in part, by using Squid and Squidguard. You would need to do full ssl intercept if clients request https of course. Steve

Good news.. Thank you for the response. Netgate always comes through. Regards

@stephenw10 Yes, there was another gateway to another "internal" network. Everything there was virtualized, however I can see why that would cause a problem.

Hmm, well ntpd won't respond if it thinks it is not sync'd itself, which looks like the case here. What if you try to manually sync the Secondary from the command line? Against the Primary maybe? Or some external time source? Steve

@soupdiver wouldn't it be easier to just put all the IP's of AWS EAST in an alias & policy route it through the openvpn ? yea it seems so I had to lookup policy routing but this works nicely. I will write a lil script which formats the AWS API response in a way pfSense will understand it and then I should be done. Thanks!

Thanks, for the information, and all your help,

You are sending data to different graylog servers? Are you recombining it again somewhere to analyze it? Because there is too much data for one server to consume? Redundancy? I'm not sure there is any way to do this but we might be able to suggest something else. Steve

@stephenw10 Thank you very much for the hints. I'll take a look!