@mhertzfeld said in Ransomeware infected machine: not failover to one of the other ports on the board. It can failover to another port for IPMI? That doesn't seem like all that smart of an idea from a security point of view ;)

Ouch! Nice catch though.

So your OpenVPN configuration is causing it to wait for a password before it starts. Maybe you have it set to user auth but didn't enter a password. You might try adding auth-retry nointeract; to the custom options, too

KOM.... Sometimes bitter enemies can eventually become best of friends.......stranger things happen.....just a thought Peace

i noticed, sorry i can not update my configs yet since the i am facing the issue described in here So i need to wait until i can modify or downgrade the system to safely remove the transparent-client-ip feature. I was going to use this feature for internal smtp server to forward the original IP.

I would not suggest you open a port to the public internet for your cameras.. Not a good idea! Use a vpn.. But https://docs.netgate.com/pfsense/en/latest/nat/forwarding-ports-with-pfsense.html

@guardian said in Please tell me what this error message is likely serious?: Any idea how many "bad attempts" are necessary to trigger the message? It depends on a few factors, but that's all decided by sshguard and could be found in their docs. @guardian said in Please tell me what this error message is likely serious?: How long sshguard has been part of pfSense Since 2.4.4. @guardian said in Please tell me what this error message is likely serious?: Is the "user id" of the attempted login available in a log somewhere? The main system log.

@JKnott said in WiFi calling and VLAN 1: @NogBadTheBad said in WiFi calling and VLAN 1: I still work on an account that uses DecNET What would use that these days? It would have to be ancient. An old Dec server running a legacy application, due to be retired soon.

Excellent! Thanks so much! I will have a look. Regards, --Mokey

....unless of course you don't mean the actual CARP traffic (which must be multicast) and are referring to pfsync or config sync, which is a common misconception. Steve

Very old topic, but we use salt to manage our pfsense ;) Thanks to https://github.com/ndejong/pfsense_fauxapi Some links : https://github.com/ndejong/pfsense_fauxapi_client_python https://github.com/alkivi-sas/salt-pfsense

Where is "someone else’s firewall", directly connected to yours ? If so a VIP + 1:1 NAT and a static default route on "someone else’s firewall" pointing to your router should do it. https://docs.netgate.com/pfsense/en/latest/book/nat/1-1-nat.html

@mod said in key based auth ssh issue: 3 . password +public key login works That is not really an option.. If you set password and public key your just using password to auth.. 2: I use linux version of putty and we don't get keygen/ don't need to convert. Pretty sure you do.. https://www.ssh.com/ssh/putty/linux/puttygen 4 Yeah no idea why your bringing that up at all - yeah no shit everyone uses 2 ;) BTW, current stable version of putty is .71

I have to say I would swap out that rl NIC if you possibly can. It will almost certainly cause you headaches in the future. https://github.com/freebsd/freebsd/blob/master/sys/dev/rl/if_rl.c#L48 Steve

well just add it to both groups on tier 3, it's that simple. if tier 1 (high packets loss or high latency) it will switch to tier 2. and if both 1,2 dropped 3 will kick in. you control which one are primary and secondary with tier numbers. believe me every day you will find a new reason to love pfsense more. i love it so much i just installed it on a VPS and configured openvpn on it. so now i have a personal vpn for 5$/moth.

From GUI ? Noop. Download latest "2.4.4" and put it on a stick. Reboot from stick, and do the initial partition thing, etc. It's also advisable to use the config file you saved just before you went to 2.5 - if not, import the 2.5 config and see what happens.

@chpalmer Thank you guys, we will be looking into this!!

You can see that if you rebooted and pfBlocker has not downloaded that alias yet. I often see that with the v4 table but as soon as it loads it the error is resolved. Try deleting the error then going to Status > Filter Reload and reloading the ruleset. If the error doesn't re-appear it has been resolved. Steve

A manual install to prove it works and does what it says it should, maybe in FreeBSD, would be the first step here. It would certainly be interesting though. Steve

Thanks, Steve. I did some more checking, and while it is difficult to know what exactly I changed to make it work, I think I needed to add the domain name to the host name boxes on the DNS Server Settings in General Setup. That, plus a couple of changes in the Cloudflare set-up, solved the problem. Thanks for your input.