• Questions about my ideal setup

    59
    0 Votes
    59 Posts
    11k Views
    W
    @bingo600 Yes a mis-type. i5-5250U, 8GB RAM and Kingston 120 GB SATA SSD. https://ark.intel.com/content/www/us/en/ark/products/84984/intel-core-i55250u-processor-3m-cache-up-to-2-70-ghz.html
  • How to set ip range on LAN same as WAN range ip

    16
    0 Votes
    16 Posts
    1k Views
    johnpozJ
    @stephenw10 that is just SAD at so many levels.
  • 0 Votes
    5 Posts
    909 Views
    Sergei_ShablovskyS
    @sergei_shablovsky said in URGENT - Restoring 2.6.0-Dev after accidentally(!) parts of pfSense deleted: Thank You for Idea, I'l try to ask USB-drive on a reception of hotel, and may be possible to download pfSense install image and make bootable pfSense USB... Problem SOLVED: successfully restored system by choose Restore from existed config when installing from local USB-drive. Only few additional .pkg added manually. (I forgot to say, that WANs are locked to NICs MACs, so at night ISP support team not able to make corrections, so I cannot able even to connect local notebook in office.) For Your smile at the end of week: In cafe near the hotel, I buy coffee and 2 x really BIG (and very tasty) apple tart. For that, one girl from café stuff give me ability to download pfSense and create bootable USB-drive on her notebook ;) So, all are happy: office working, and I go to complete my morning tasty apple tart, I have phone num of pretty girl from cafe, tied, happy and go to sleep ;)
  • How to remove CAs and Certificates?

    5
    0 Votes
    5 Posts
    681 Views
    GertjanG
    @whitetiger-it No need to be sorry, no harm is done. It's quiet ok to ask before you 'delete' something.
  • pfSense plus 21.05.2 possible Netgate Firmware Updater bug

    2
    0 Votes
    2 Posts
    265 Views
    bmeeksB
    This bug is known and being worked. Here is a link to the Redmine Issue: https://redmine.pfsense.org/issues/12487#change-57234.
  • SSH Permission Denied from only one client

    7
    0 Votes
    7 Posts
    2k Views
    J
    I turned on debugging in sshd and it looked like it wasn't able to find my keys in the authorized_keys file on the pfSense box, even though they were there. Long stupid story short, there were carriage returns in my ssh keys when I copy and pasted them over from Cygwin. I could see them in 'vi' on the pfSense box as ^M's in the authorized_keys file.... Thank you for your help @stephenw10. Hopefully this might help someone in the distant future.
  • Choosing what notifications are sent through email

    4
    0 Votes
    4 Posts
    459 Views
    provelsP
    @cprat Have you looked at the 'mailreport' package in the Package Manager?
  • Swap interfaces

    7
    0 Votes
    7 Posts
    761 Views
    stephenw10S
    Yup, backup your working config first. You can do that from the GUI though in Diag > Backup/Restore. Be aware that once you assign ue0 pfSense will require that to boot. So if you disconnect your phone without unassigning it first and then pfSense reboots for any reason you will need to access the serial console. Steve
  • LAN2 gateway can ping AP, but AP can't ping LAN2 gateway

    5
    0 Votes
    5 Posts
    593 Views
    stephenw10S
    It's common to set TCP only (the default) and that will not allow DNS which can present as you saw it. With a TCP/UDP to any rule you would expect to be able to browse though. Steve
  • Pfsense with Unifi APs Problem

    11
    0 Votes
    11 Posts
    1k Views
    B
    Yep I got it up and running and did not downgrade the FW. It turned out to be the unifi switches had the Vlans and the IP addressing still entered. So I removed the IP addressing out of the unifi switches and let the pfsense box do the address through its Vlan DHCP servers and all is good.. Thank you for the response.
  • Transparent Firewall but NO ping,dns lookup or updates

    5
    0 Votes
    5 Posts
    873 Views
    A
    I tried your steps and YES its OK!!!. Seems now I can connet to internet from webadmin panel. (Show updates and other things) Two things that i needed for help someone as newbie as me: After remember setup rules that allow to access the new bridge interface And of course assing the gateway of your subnet (My IPS router) Thank you very much for real Stephen!!!
  • 0 Votes
    5 Posts
    889 Views
    stephenw10S
    I would expect both those cards to be supported by the bxe(4) driver: https://github.com/pfsense/FreeBSD-src/blob/RELENG_2_5_2/sys/dev/bxe/bxe.c#L142 The HPE 530SFP+ also appears to be based on the Broadcom 57810S. You may need to modify the card though to get them to link at 2.5G. It sounds like you've already started looking into that. Yes, you should try the LAGG setup since it might work OK and requires no additional hardware. Your ISP probably provides some sort of business grade connection using the same fiber. I would look at what equipment they supply with that. It may be you can just get that and use it. Steve
  • Getting an Error every 15 Minutes...Ideas?

    4
    0 Votes
    4 Posts
    506 Views
    stephenw10S
    Hmm, I'm surprised about that since Limiters don't really care what the NICs are. It could have been a CPU limit trying to pass that through a Limiter I guess. Steve
  • IPMI Manual Fan Control Dell r210ii

    Moved
    1
    0 Votes
    1 Posts
    193 Views
    No one has replied
  • PPPoE bridge to another firewall

    9
    0 Votes
    9 Posts
    2k Views
    S
    @stephenw10 Very interesting, im going to read up on this some more. I did put the pfsense box on full WAN duty, its just connected to the forti with a /30 private link. Performance is great, without much tweaking I was able to get full speeds up and down, CPU usage was even at 18-19% for both tests. I might just stick to this anyway, maybe ditch my forti until I buy the 60F, id rather just deal directly with the box that holds the WAN address. I appreciate the help Steve.
  • PFSense notification if large amounts of data downloaded

    6
    0 Votes
    6 Posts
    884 Views
    bmeeksB
    @maverick_slo said in PFSense notification if large amounts of data downloaded: Well... I use XDR which alerts on behavioral anomaly if large upload is detected (per host). But additionally I also use zabbix which will send alert if upload is larger than 80Mbit/s for at least 10 minutes (configured this way so that "regular" traffic wont trigger alerts, will be different for every company...) But it`s hard and requires deep knowledge of your network and whats OK traffic and whats not. Yes, there are some host-based solutions. And that is really one of the best places to put such tools because there you can generally still see the data BEFORE it's encrypted. I was specifically referring to firewall-based or network-based tools in my earlier reply as that is how I interpreted the OP's question. It's much more difficult at that level due to the encryption and also the magnitude of data flow.
  • Lost interface information after pppoe username change

    5
    0 Votes
    5 Posts
    550 Views
    stephenw10S
    I replicated this and created a bug report: https://redmine.pfsense.org/issues/12498
  • Comcast internet slow after pfsense installed

    17
    0 Votes
    17 Posts
    2k Views
    stephenw10S
    Ah, probably not then. If all three interfaces are trunked on the same link to the switch that means any traffic at all on LAN2 will reduce the available bandwidth on LAN1/WAN. Steve
  • Pfsense box wont negotiate at 10 gig anymore

    4
    0 Votes
    4 Posts
    512 Views
    stephenw10S
    No if you just swap the card and those are the only 10G NICs on the firewall it should be fine. If there are other NICs using the same driver the order may change. Steve
  • Verizon JetPack

    4
    0 Votes
    4 Posts
    606 Views
    BurninBogey6B
    @bcruze said in Verizon JetPack: https://docs.netgate.com/pfsense/en/latest/multiwan/load-balance-and-failover.html @stephenw10 said in Verizon JetPack: That^ Both WANs will always be active but you can route traffic via one of the other using policy routing. https://docs.netgate.com/pfsense/en/latest/multiwan/strategies.html Steve Thank you both for the information. Setting this up now.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.