I'm reminded here of the famous saying (often found in project management): "Good, Fast, or Cheap? Pick any two". In this case we are all getting something good and cheap (free), ergo it won't necessarily be _________. That being said, I'm looking forward with anticipation to 2.5 as well...when it's ready.

If it was managed you might have some logged error to go on. Also managed switches tend to be better made and more resilient. Mostly! If a new replacement failed in exactly the same way though I would start suspecting something in environment. Not necessarily a network problem, maybe a power issue? You swapped the PSU at the same time I assume? If you move one of those 'bad' switches to somewhere else and test it does it still fail? Steve

Thanks for the hint. I didn't realize the traffic wouldn't pass the WAN interface. I'd forgotten that pfsense sort of acts like a router between interfaces by default. I blocked traffic between LAN & VLAN DMZ except for SMTP on the web server and set up a record in my hosts file so email could then be addressed to the mail host directly.

@rulrich Best overall advice is probably to move the pfSense-webinterface to a different port than the default :80 (disable webconfig redirect) / :443 (configure a different port). That way even if haproxy stops for some reason people wont 'by mistake' connect to the webgui.. Other than that check for nat portforward rules perhaps that might take these specific requests?

Tx for replying Steven,.. I have a combined FE/BE.. on a 192.168.3.x network,... and I am trying to connect in from a 192.168.6.x network client,.. I'm currently working on an apache2 issue, (which I believe maybe the issue) with sites available/enabled,... but I will need to do some digging before I get to a solution for my system I will update as I find more out...

OK, you should move to HAProxy. Relayd is deprecated in 2.5, you will not be able to upgrade if you still require it. Relayd uses pf to do the forwarding and since that is multi-threaded in pfSense I would expect the load-balancer to be also. Steve

In case someone has some time to burn: Bonjour overview: https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/NetServices/Introduction.html#//apple_ref/doc/uid/TP40002445-SW1

Ok then, yes, you would need a modem of some sort (or put the hub in bridge mode if it can). Something like one of the Openreach modems or a Vigor V130 for FTTC. Steve

@stephenw10 Ok so when you are not using the ISPs router you're using some other PoE injector to power the wireless hardware? Are you sure that is powerful enough? They gave me the POE power supply so unless its faulty then yes. The first thing shown in that log is the daemon starting the connection but it looks to have started before the previous connection had stopped. No timeouts or errors shown before that, something must have triggered that. Yeah I copied the log from the last time it had dropped out till the current time, but it all looked ok to me but I'm no expert in finding errors in logs. If the wireless device at the dish end is rebooting for some reason you would expect it to lose Ethernet link which pfSense would log in the main system log. You do not see that? I'll have a look through them then and see if anything sticks out. thanks

Still 'when it's ready' You can follow the open issues here though: https://redmine.pfsense.org/projects/pfsense/issues?query_id=106 Steve

@stephenw10 Thank you for the response. Setting the WAN as the default gateway seemed to have helped, it was set to auto. I'll continue to test.

Thanks all! I'll check and then I'll report back.

@bingo600 Thanks :-) Also noticed the Qotom in your signature block, I bought Qotom-Q515G6 late last year and very pleased with its performance so far!!

@stephenw10 can you please check this critical bug in 2.5.0: https://forum.netgate.com/topic/159354/pfsense-2-5-0-a-20201127-0650-nat-issues/1 ?

@bingo600 said in How to use regex in pfsense firewall logs (GUI): 192.168.20.2 You are spot on and worked like a charm Thanks a lot!!

Both units in: Diagnostics \ ARP Table show the same MAC (learned and expiring) for Gateway , I haven't change anything in terms of gateway. You see this setup "in general" works, but all of the sudden WAN communication stops, but as I learned it starts to work again after some time, by itself. Really strange ... Thanks for your help! Andrzej

Look at the state table (Diag > States) and filter but the destination IP. If it's matching traffic you will see NAT'd states on the LAN

Perfect - thank you. As I restarted each client you could see it moving through each one. Now ticked and it no longer happens. Thanks again

The client side can choose to reject everything the server sends including the timeout values. What are those remote routers? How are they configured? You should think about moving to a more rational setup with multiple clients connecting to a single (or few) server. Changes like this would be far easier. Steve

Yes, edit the WAN gateway in System > Routing > Gateways and set a public IP, like 8.8.8.8, as the monitoring target. Then check the Status > Monitoring : Quality graphs and you will see any packet loss or latency. Steve