• SG-2440 Constant Reboot Issue

    9
    1 Votes
    9 Posts
    8k Views
    stephenw10S
    Just to be clear you should run fsck at least 3 times as shown in our video if you hit this. Steve
  • pfsense Virtual IP as LAN clients host default gateway

    5
    0 Votes
    5 Posts
    847 Views
    N
    @stephenw10 thanks, it should definitely work as I was envisioning. Yes, I'd still have the VIP answering to ARP requests on that IP, and it will use the mac address of the interface where it was created to do so, then the destination IP field on those packets will be rewritten, then the rules will be applied and packets routed accordingly to the routing table. I will then use tcpdump to identify all the hosts that are still using those IP I assigned as VIP and modify the config on the fly little by little. btw netmap is amazing, the BSD network stack and what you guys built on top of it it's absolutely stunning, I have some small feedback on the UI but overall pfsense is definitely comparable to the major players firewall solutions out there, for sure you beat sonicwall and fortinet in my mind and I'm pushing to buy the actual netgate hardware because of that.
  • Dangers of UPNP?

    6
    0 Votes
    6 Posts
    1k Views
    johnpozJ
    Yeah if you have a spare interface - sure you could do that. But to be honest - might be better to just put any money you would spend on some cheap AP towards a real AP with big boy features ;) But sure if you have some old wifi router laying around - then sure you could do that..
  • Telegramm notify

    9
    0 Votes
    9 Posts
    4k Views
    stephenw10S
    Open a feature request if you want more notification options. Or add notes to one that's already open, there's is probably something similar there. https://redmine.pfsense.org/ Steve
  • If there is one subnet, is source any same as OPT net?

    2
    0 Votes
    2 Posts
    333 Views
    stephenw10S
    For the vast majority of traffic you would see no difference. But as a general rule you should add only the rules that are required and since you know what subnet that traffic is coming from you can use that as the source IP there. There should never be traffic arriving there from a different subnet but if it did it should not be passed. Steve
  • JumpCloud LDAP Authentication over SSL not working

    8
    0 Votes
    8 Posts
    1k Views
    manjotscM
    @sparkyjf Can you share the JumpCloud config on pfsense would be really helpful. Thanks,
  • L2TP Interface shows IPv6 WAN Address

    6
    0 Votes
    6 Posts
    346 Views
    stephenw10S
    Yes, I'd go ahead and do that. That interface type is probably the least well used. Or maybe pptp! It's likely a display bug only. You can see the actual interface does not have an IPv6 address. Steve
  • Pfsense 2.4.5 package vulnerabilities

    Moved secu
    2
    0 Votes
    2 Posts
    819 Views
    M
    Hi, You got your answer here :) @romor said in pfSense 2.5.0 release date?: Hi, i did upgrade one of test pfSense to 2.5.0 and then i tried pkg audit to check vulnerabilities. All was ok without vulnerabilities. That mean, release of 2.5.0 is important for us :-) pkg update/upgrade on version 2.4.5.p1 i tested, but there is only a few updates, not all security updates. After install upgrades is count of vulnerabilities same (16 in 10 packages). https://forum.netgate.com/topic/160456/pfsense-2-5-0-release-date?_=1613340248630
  • A few questions from a newbie chimp....

    14
    0 Votes
    14 Posts
    1k Views
    C
    @jknott Ah - right - ive got a couple of EnGenius access points one wifi5 and the other one wifi6
  • Cant enter a comment on you tube.

    5
    0 Votes
    5 Posts
    610 Views
    stephenw10S
    Aha, well the simplest answer is usually the right one.
  • WAN Limited to 15mbps with 100mbps internet

    6
    0 Votes
    6 Posts
    676 Views
    stephenw10S
    Yup. Case matters!
  • Routing Logs Flood

    4
    0 Votes
    4 Posts
    280 Views
    stephenw10S
    You can try starting it with debug mode by stopping the service then starting it at the command line with: /usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf -d -P /var/run/miniupnpd.pid That should give you some more useful error output. But that error that is shown implies something is trying to open a port to/from an IP that either already has that assigned or no longer exists on the firewall. Steve
  • Fresh load, minimal tweaks, idle then catastrophe

    6
    0 Votes
    6 Posts
    718 Views
    stephenw10S
    The best thing you can do it hook up a serial console and log it's output to something locally. If it is a drive or drive controller failure it may not be able to record that event but it will spew a load of errors to the console. The next best thing is set up log exporting via syslog: https://docs.netgate.com/pfsense/en/latest/monitoring/logs/remote.html Steve
  • Access to PC via RDP via old pfSense but not new one

    2
    0 Votes
    2 Posts
    315 Views
    stephenw10S
    Probably need a diagram to diagnose that. There are potentially some significant differences between a VM and real device espacially when what you're trying to access is the VM host. It's probably something in the hypervisor setup. Steve
  • Adding a second WAN connection

    2
    0 Votes
    2 Posts
    265 Views
    stephenw10S
    Yes, you can do that. Just set the IPSec tunnel to use the 2nd WAN interface. The other end of the tunnel would obviously have to be set to the new WAN IP also. Steve
  • How to configure two WAN connections

    2
    0 Votes
    2 Posts
    325 Views
    stephenw10S
    Yes it would show a gateway IP if it has connected. Check the systemlog or PPP log. It will shows the PPP connection attempts there. You would not normally check the 'dial on demand' box there though if you have permenant connection on it, which "broadband" almost always would be. What exactly is that other connection? Steve
  • Is there any way to use the guest mode on my soho router?

    3
    0 Votes
    3 Posts
    416 Views
    stephenw10S
    @shjfliejfasel said in Is there any way to use the guest mode on my soho router?: I'm guessing this keeps devices on the guest network from accessing personal devices on the regular network. You need to know what it actually does before we can answer that. Since it is removed in AP mode, which probably turns it into a pure layer 2 device, it probably does something at layer 3. Like passing traffic only for external IPs. In which case you can replicate that with rules in pfSense instead. Steve
  • Sporatic Packetloss from WAN DHCP Gateway

    4
    0 Votes
    4 Posts
    799 Views
    B
    @jknott they did say they are monitoring and I did get a text saying they are working on it. I'm not sure if that means they found something or not. Can I get more information on this script? Seems like a great idea. Does it run right on pfsense?
  • ANNOUNCE: ansible collectio pfsensible.core 0.4.0 released

    1
    0 Votes
    1 Posts
    414 Views
    No one has replied
  • Cannot establish a custom log facility local6

    1
    0 Votes
    1 Posts
    195 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.