Currently pfSense Plus is only available for Netgate appliances. There will be an announcement when that changes. Steve

Yes, there is nothing included in pfSense to do that. You might be able to add something custom for SSH connections to add that but not for as direct console connection as far as I'm aware. Steve

For the KVM switch to not cause what you are seeing it must continue to emulate the KVM when switched to other clients. You likely have a KVM switch that does not emulate the KVM, when you switch the KVM to another host the KVM simply goes away causing FreeBSD to see the hot plug event. If you want to test this theory unplug and re-plug the KVM from pfSense with it selected and see if you see the same behavior.

@mynetworkrocks said in Suricata Unix Socket: @bmeeks A quick question - looking at the config I posted do you see anything i need to adjust to get this to work? Sorry, but I don't use telegraf. The configuration coding for that option was provided by a Suricata package user, and I just incorporated it into the next release of the GUI package. There are some older telegraf threads in the Packages sub-forum here. You might find some answers by searching in those.

@jt40 I have ran content filtering and security for multiple companies over the years - I know exactly what they do an don't do ;) And how they do it and what they can do.. And MITM is a can of worms that many will not open - that you take it upon yourself to do it - with a company that has had questions, and is banned in some countries on gov type computers.. Filtering where a user can go is simple enough to do with explicit proxies having to be set without having to break the end to end encryption of the ssl connection. I don't have to peek inside your ssl connection to block you from going to xyz.com or allowing you to go to abc.com via https. Well you do you..

@pukoid said in Memory consumption: No, it's not pcscd. Stopping it in services changes nothing. Maybe I'm wrong, but in my case it need 30-60 secondes after stop the service... Edit: See it after posting /usr/local/bin/vmtoolsd is your issue.

@stephenw10 Thanks Steve, I'll try the cronjob.

@stephenw10 Diag > Command Promt and rm /tmp/notices sure did help. Thanks - case closed! (Decided to put my UDM in first place and then use my pfsense to protect a subnet behind this. I like the pfsense more but it's not a wifi-router so...)

Mmm, well that's something else. I'm not aware of anything in particular that might cause that. Check the Squid logs. What are you using Squid for? Steve

@steveits said in pFsense HD Corupt?: @mynetworkrocks re: your second question I've seen that in a few cases. Try restarting (which it sounds like you have been doing...?). @SteveITS - yes that is what I was doing, I was rebooting it a few times to try figure out what was going on. It seems like something got corrupts on the M.2 drive that I have installed on the XG-7100 and the brought the whole thing down. I have now installed the latest version on the MMC drive and going to use that as a backup. I will be reinstalling on the M.2 drive. @stephenw10 Thank you I did and support was excellent they pinged me a image download within a few minutes. On the MMC I had to go to 2.4.5 first then to the latest version. I will keep that as a "live" backup, I will reinstall on the M.2 with the new image. Thank you for all the replies!

It's normal to see that a few times and the number of times depends on the drive. It may not actually be stopping there. That's the last thing you see if you have dual consoles enabled, and the other one is set as primary, until boot completes. I would guess it's set as serial console primary and it lost a NIC when you removed it so it's now waiting at the interfaces assign screen but you can't see that. Try forcing vidconsole: https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html#booting-with-an-alternate-console Steve

@bmeeks said in Anydesk does not work: but frequently users think they can just go through and enable everything haha - yeah no clue to what any of the rules mean - but clearly the more rules I have the more secure I will be.. And lets just start of in blocking mode ;)

Port 80 was disabled in rules and Nat. As soon as I enabled them, the certs renewed successfully. Thanks for pointing me in the right direction, much appreciated.

Hmm, weird! Take the win and move on.... Steve

@cool_corona sure!

Aha, nice!

@stephenw10 I found that odd too. I'm not by any means a networking professional - I'd consider myself an advanced beginner, but I do not understand why that port was locked into vlan 10 or how was vlan 10 chosen for devices on that port...

Nice! Good result. Pure IPSec is waay better than trying to use L2TP over it. Steve

Good to hear! You should be aware though that the fact you had to forward GRE implies the VPN type you're using is probably PPTP which is an outdated protocol and considered insecure. You should check the VPN type in use to be sure. Steve

@dirtydish been many many years since my sons were home and had to worry about what they did on the net, and the net was a much different place 20 years ago ;) But pfsense can act as your proxy, you don't need to setup some laptop to do that. https traffic can be difficult.. There would be a very steep learning curve sadly to say. If they are using tablets and iphones - you might be better off using the tools meant to monitor those.. https://support.apple.com/en-us/HT201304 I do a bit of this with my grand daughters phone - she can not install any apps without it asking me for permission.. I get a notification - and she texts me ;) Pa can you approve ;) -- she lives in California.. You can also look into monitoring youtube history, etc. Such tools will most likely be easier to get going with and easier to manage and use than say some proxy log that is for sure.