With IPAliases you can usually use either /32 or the correct subnet size. The important thing is you have at least one IP defined on the interface with the correct subnet in order to add the correct routing. https://docs.netgate.com/pfsense/en/latest/firewall/virtual-ip-address-feature-comparison.html#ip-alias Steve

You could narrow that destination to just the PBX IP if that's the only thing you need access to in that subnet. Steve

Yes, bridging the interfaces would allow the ISP router to 'see' the wifi subnet directly but it would still need an IP in that subnet to respond from which it does not have. With the outbound NAT rule as you have it you are passing all the wifi traffic across the LAN subnet which means, unless you have blocked it in pfSense, wifi clients will be able to access any LAN client which you might not want. Steve

Thank you very much, for the help the patch worked perfectly and already shows the view I needed, excellent help.

Update from my end, I think I figured it out... After @chpalmer last msg, I went back to the "Hard disk standby time" settings and it was set to 180, which even if the systems was using the 180 mins it still didn't make any sense as to why is was spinning up/down so quickly. What I did is set it back to Always on and after saving and rebooting there are no more spin ups or downs. thank you.

@tjabas said in change theme in Pfsense: router after about 5 years Wow. From what version did you came from ?

@stephenw10 Thanks. I reactivated user admin for now and bookmarked the screen it should have gone to for other admin level users (me really).

pfSense should not have a LAN gateway. If you have that set on the LAN interface remove it. Then go to System > Routing and make sure the WAN gateway is set as default. The fact you are able to reach the webgui shows it must be working to some extent. Steve

Does it reboot because of some event? Do the logs show it rebooting or shuting down? Or do they just show it running then suddenly booting as though it was hard power cycled? The logs immediately before Sep 9 21:16:47 syslogd kernel boot file is /boot/kernel/kernel should show that. I assume no other VMs are rebooting at that time? Steve

@bmeeks would know what snort can do and or should do - he is the snort guru around here that is for sure ;)

DMZ? WiFi AP for a Guest Network? ISCSI to a XigmaNAS? :)

Yup. Upgrade. You will see that port 8080 traffic blocked in the firewall log though as I suggested some time ago. That will confirm the issue. Or just add the rule and restest. Steve

Yeah its quite possible he asked the local IT support at his office.. And he brushed him off by dropping a name... Guess he is lucky he didn't drop say palo alto or the like as the name - or maybe this guy would be down 20k+ vs the 300 and in the same boat ;) Not sure where these users get the idea that security is easy, and or push a button. There is no device you drop into or in front of your network be it 300 or 10k in cost that makes your network secure - NONE... No matter what firewall you buy, no matter what software you run.. All just tools, how you use the tools requires atleast understanding the basic concepts of what the tool does and how to use it.. And you need to know which tool you need as well, or your going to be pounding on that screw with your 300$ hammer screaming this hammer freaking sucks!!

Ohh now i already solve it( Common i untick do not allow ip..) and it work.

@turnbulld said in Status and checks...: That's for sure the SNMP info. Noop. But the same source. It's Munin digging into the system using whatever is needed to present stats. The plugins are written in ... perl, C, bash, etc. @turnbulld said in Status and checks...: As with what you linked, there is nothing specific to the load balancer which I find a little odd. Probably because I do not have multiple WAN's, so I didn't activate 'load balance' related Munin plugins. @turnbulld said in Status and checks...: list of commands that are the source of the data on the dashboard. The code is the source - it reads like a manual.!! The widgets on the dashboard are just PHP files. Everything is in there - here /usr/local/www/widgets/widgets/....

i will try also to clone the MAC address from the providers router to pfsense pppoe interface

Yes you can. Be sure to snapshot it if you need to go back though, you cannot downgrade in the same way. Steve

Hmm, only time I've seen odd behaviour a little like that was when the firewall could not open a state because all the IPs and ports matched. So as though it tries to open several SSH connections to the same internal IP using the same source and destination ports. Which would never normally happen with SSH. The client would normally use a random source port for each connection and the remote side NAT device would usually randomise it anyway. It would be worth running a packet capture at the remote side to see what actually happens though. Steve

I've seen that before. I usually open them up, grab my multimeter and test each cell under load and replace the bad one(s). Sometimes they can hold a full charge but die as soon as they're under load.

That file could only be stuck if somehow the notifyqueue_running lock is stale or not being released. Maybe something in your notification settings is broken and it can't get messages out.