@skogs said in 2.5.0 seems more stable: wasn't really all that stable. Some days I'd have to restart the network interfaces, unbound, or the whole machine 2 or 3 times. Sometimes once a week. Glad you're having better luck. I've run pfSense and m0n0wall before that for many years and general instability was never a problem across multiple clients. I've seen them run for years without a reboot if an unmanaged client got behind in updates. We have exactly one Realtek card in service, and it hasn't been a problem, but I do see posts pretty frequently here bashing Realtek due to the FreeBSD drivers. So I'd guess it was more likely the "added in the Realtek driver" part of your post? Not saying you're wrong...just very patient.

@mh4it said in Can HP Thin Client be used as Access Point (WIFI): @nollipfsense said in Can HP Thin Client be used as Access Point (WIFI): Mikrotik HapAC Thanks for the advice, What is the benefit of Mikrotik Hap AC over OpenWRT?? Don't know however, I made the suggestion knowing you want a robust secure WIFI and RouterOS would provide that.

@johncsuti No idea.

@tittu What you may want to do is create a rule to allow only the desired address(s) through followed by the block RFC1918 rule.

@gertjan Version 2.4.5-RELEASE-p1. swapstate_check.php was already by default, and we need to get the Squid package installed.

@pf-beginner I bought my Qotom a couple of months ago and it took just over a week to arrive.

After much sweat, I have solved the issue. It may well be of interest to someone else in future so I will post what I found.. Full manual clean setup, piece by piece got it working with zero issues, very fast & snappy. So I downloaded the config, got the backup, and used a merge tool to do a diff... After going through every single line, the conclusion is... that I did not reset the 'network tweaks' after upgrading to 2.5 :( [image: 1617922549233-1bc0a6a6-65b9-42ff-9104-5f670e85bf47-image.png] Had I have noticed this earlier, I might have saved myself a world of pain! Of course, with so many settings in so many places, it is easy to be blind to oneself, more fool me though as I was confident that I had checked and reset them post-upgrade after I saw that they were not required any longer to maintain Gb throughput in v2.5. Many thanks for your tips, in the end, we got there and I am very happy at last, as are the rest of the household ;)

You can use the arpwatch package to alert you via email when a new device connects to your network. I use my cellular carriers sms email alias so I can send out text alerts. This will not work if rogue devices mimic existing MAC addresses or if allowed devices are configured with dynamic “private” MAC addresses.

@michaelcropper said in DNS Resolver Caching Issues: disable caching everywhere No would never ever do that.. What you do if you have a question on what something is resolving as, is do a directed query to the authoritative ns for what your looking for.. So you get the answer from the horses mouth. Which is what unbound does out of the box.. Also use proper tools ;) dig for example will always show you what the ttl of what you queried..

Strange. I'm seeing : [image: 1617777691259-b747e1b9-3243-49fe-960b-e13e25c3769e-image.png] I did check https://files.pfsense.org/

See that rule there in your floating - its forcing traffic that is TCP, ie http or https out your gateway. So no your not going to get to your other vlans. See the bypassing policy routing section here. https://docs.netgate.com/pfsense/en/latest/multiwan/policy-route.html#bypassing-policy-routing You need a rule that allows the traffic to your other vlans - before you shove traffic out the wan.. Which isn't going get your vlans.

@kom thank you

@viragomann said in Can't Hit Port Forward From Inside LAN: not necessary to enable it for a single forwarding rule Did not realize that, thanks.

@perphide Something strange just happend. I disabled IPv6 and all of a sudden I can ping the IPv4 address of the vmx0.10 interface. I am sure this has nothing to do with IPv6 being disabled. I have no clue what just changed. Perhaps another pending setting has been applied by this action?

I create in Vm a windows server 2012r2 and I set the hyper V. Then I create 2 virtual switches one external and one internal. I create a vm in hyper v for pfsence and when Istart the installation I try to configure a WAN 192.168.1.25 4 subnet mask 255.255.255.0 and when I set LAN 192.168.100.1 it tells me not in subnet