Ok Thanks, Each of the Network has is own DHCP enable I am going to apply your advices. And will give you the feedback

@stephenw10 Thank you. I have moved in similar lines, but it seems I have to configure a Gateway. This may be in contrast to what pfsense said in the field text "On local area network interfaces the upstream gateway should be "none"", I assumed ,I don't need to create a Upstream gateway. So i've created this Also, after creating the gateway, I've changed the Fireall -> NAT -> Outbound to Automatic outbound NAT rule generation. These two changes made it work. Thanks again

Correct. It works on the other FW's just fine, but this one, because it's the main, can't just be taken down when wanted. Too many other services behind it that can break and all teams need to be on board when a reboot is required in case those services really bork.

More information needed! Is that a service running behind pfSense? Have to setup port forwards? How are you testing? Where are you testing from? Steve

That seems like a good plan of attack. If you see it again and still have any sort of access check the config file size and the back configs in /conf/backup. When we saw it previously you could clearly see the file size ramping up in the backups as the rules duplicated. Steve

Hmm. Curious. Can you force UDP in Windows? Not sure I've ever tried.... Steve

Do you have the crash report? But yeah 2.3.X is EoL and 2.3.3 is even older than that. Whatever you're hitting if it's a software problem it will not be fixed in 2.3.X. It may well have already been fixed in 2.4.X. Steve

Thanks Rico ! / br. Pete

That's what I was thinking. I wasn't sure if there was any kind of exotic configs that might work just as well. I now need a POE+ switch so I might be upgrading the 3750 at some point. I think Cisco changed their licensing model on the 3850s and the cat9k making it harder to deal with as a home user. I like Cisco but it is expensive for home use. I really do like L3 multicast though, so that helps justify it.

For the scenario of connecting directly to pfsense router instead of the switch, I think I will be able to figure this out based on this video: https://www.youtube.com/watch?time_continue=249&v=XdzfgapJYqw Will do testing and report if any issues arise!

@jimp said in User Manager Access: b9ed452dbba4689e6280efa7f503e30809a3d8e4 Updated mine to fix this issue, really appreciate that you posted this!!

Oh.. My bad, apologies. Thank you for such a quick reply!

Traffic from one PC to another with both in the same subnet does not hit your Firewall/Gateway, so there is no traffic to show for pfSense. -Rico

I'm a bit confused though my original ip was a /24 and now my new Ip's are /30 I hope this doesn't pose an issue. That's not really a pfSense issue, it's between you and your ISP. You use the extra IPs to create virtual IPs for pfSense. Then you can create port forwards that route traffic from the virtual IP to the LAN host. For example, I have a block of 14 usable addresses, and I have a VIP - IP Alias for each one. When creating you port forward, you select the VIP as the Destination.

Yup, for reference it's a known bug and has been fixed see this post: https://forum.netgate.com/topic/143621/user-manager-access/2 https://redmine.pfsense.org/issues/9541 Steve

If there's no output at all on the serial port the hardware is dead. You should always see something from Coreboot even if there's no media present. The only possible exception to that is if you've disabled the serial port in Coreboot. In which case you can reset the Coreboot values to default by powering up with the reset button pressed: https://pcengines.ch/howto.htm#serialconsole However it's much more likely your terminal setup not correct. Try 38400baud or 9600. Steve

That is exactly the issue. It's funny you mentioned this as I was just in the process of opening up another browser and I saw this reply come in. It worked. For anyone else that may experience this issue, do as @Rico mentioned. It works. Cheers Rico. Solved!!

The problem is in the script "check_proxy_wpad.sh". His must edit, like so: #!/bin/sh status=$(/bin/ps -wx | /usr/bin/grep 'nginx-wpad.conf' | sed -e '/grep/d') if [ "$status" == "" ];then /usr/local/sbin/nginx -c /usr/local/etc/nginx/nginx-wpad.conf else exit 0 fi

You might run rehash after loading those so the command become available directly. Steve

If you assign things in a different order to start with, then the labels on the system won't align properly. But again, that does not matter in the long run. Use your own names and it won't be an issue. You haven't shown the full interface assignment list, so it's impossible to say what led to that situation. Either way -- Ignore the OPTx names and set your own custom names. The labels only reflect what is assigned out of the box in a default configuration. They do not have to be set that way, and typically will not match once a customer starts customizing their system.