YMMV! But we have seen odd behaviour like inexplicable crashes and problems routing traffic etc. Usually with more complex setups like HA with nodes in separate hosts. See: https://www.vmware.com/resources/compatibility/search.php?deviceCategory=software&details=1&operatingSystems=232&productNames=15&osBits=64 Steve

Yup.

*I meant, I have no idea how to continue my troubleshooting with setup #2

@johnpoz said in pfSense WAN connection hangs after about a minute: I would check with your ISP - I personally would be livid and looking for another ISP if my isp was interfering in my dns traffic like that. I love when you speak from your heart. Usually that's the truth. In fact ISP use your DNS queries to make a profile of you, it can be use for you (adds) or against you (if you sue ISP). On top of that they reduced costs by participate on Google Global Cache or GGC program for Youtube, Netflix, and so on. Just block their GGC cache and you will get a faster speed.

I changed OpenVPN tunnel nework to another subnet, and this resolved the issue. Thank you for the help!

Put this in custom settings and see if you get what you are looking for in the log. server: log-queries: yes

thank you for the reply. this for example.. [image: 1603657318941-screen-shot-2020-10-25-at-4.22.27-pm.png] and then also, the pfblocker logs include a DNS name despite there being none in the system firewall logs (despite enabling the option including pbblocker statistics in the system firewall log). The latter is not a big deal since I could run a cron to port them. [image: 1603657457132-screen-shot-2020-10-25-at-4.23.38-pm.png]

@stephenw10 Yeah, the Roon client is uh, "interesting". I'm assuming they're calling setsockopt(SO_BROADCAST) and not checking the return code, but it also might be just some stupid .NET thing. Unfortunately, I get nothing. No logs, no crash report, no core dump, nothing on console. Just hangs and I have to reboot manually. When it comes back up, the UI doesn't indicate there is a crash report like the docs indicate it should notify me. Anyways, RAM shows up in a few days and until then I put in my old EdgeRouter firewall back into service.

Hmm, well if it clones a running VM to a powered off VM that sounds far more like it just clones the drive and, presumably, the VM config. Not like a snapshot. In which case shut it down before cloning it. I won't pretend to be a VMWare expert though! Steve

@Helmut101 said in Could you help me analyze these crashdumps?: This is totally within an acceptable range, but below 50°C would be preferrable I think Yeah lower is always preferable but that is within the expected temperature range. You should not expect it to fail unreasonably early at that. Steve

ok, I connected a Cable directly from the ground lug Coaxial connector from the cable company directly to my modem. BINGO! Turns out it was a bad splitter in the crawlspace. I dont think I would have found this without it costing a service call without your guys help. Very grateful!

Thank you very much. I'll test it in dark night. Thank you again.

It is all working now. Like many I guess, I am new to pfsense. In learning the software I had the system bridged, took it apart and had individual subnets; put the bridge together again etc and generally messed with it a lot. So I reloaded from scratch, set everything up and bridged the ports. Now all is working including share access. Maybe from all the playing there was a remnant of something(s) in config somewhere? The shares still don't show it the neighborhood but I don't think Windows plays nice with samba anyway. I have the shares mapped and that works for me! Thanks

Ok, so figured it out... It was DNS port 53 requires TCP & UDP. Without UDP the LAN would lose internet every 2 hours from Verizon... but now its fixxed!

@Orlie said in arpresolve: can't allocate llinfo for 192.168.100.1: send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 24.xxx.xxx.161 bind_addr 24.xxx.xxx.185 identifier "WAN_DHCP " That is dpinger logging the values it's using when it starts. So usually that is when the WAN comes back up or you get a new WAN for some reason. Steve

you also need mountd port under ubuntu it's sudo nano /etc/default/nfs-kernel-server RPCMOUNTDOPTS="--port 12345" sudo systemctl restart nfs-kernel-server rpcinfo -p | grep "tcp.*mountd" open port 12345 on pfsense

@periko , love your idea. That would be possible in the near future, no one needs a powerful pc and an it support/person anymore all will be done with VM and AI.

I just found the answer in the blog pages. "The new log size will not take effect until a log is cleared or reinitialized. This may be done individually from each log tab or it can be done for all logs using the [Trash-button] Reset Log Files button on this page. See Adjusting the Size of Log Files for more."

@KpuCko said in How I can assign same vlan to multiple interfaces: My thoughts are I expect to be able to do switching and routing with one device You can - just get a box that has switch ports in it, that does routing.. SG3100 has switch ports, the new sg2100 has switch ports. The 5100 for example does not.. My sg4860 does not.. I didn't want switch ports on it, because switching should be done on your "switch" ;) Not your router.. Keep in mind that with routers with switches, the uplink into the routing is going to be limited.. Look at the above block diagrams for example.. Notice the 1gbps and 2.5gbps uplinks from the switches.. The proper tool for the job.. Do you go buy the hammer at the store, when you need to hammer in a nail? Or do you pound on nails with your screwdriver? Switches are not expensive these days... You could pick up a 8 port gig smart switch for like $40.. Or get a 16.. Or 24 if what you are after are switch ports. I would always suggest if you think you need a 5 port switch, get an 8 or 16.. That way when your needing another port - you don't start eyeing your router interfaces thinking you can use them as switch port ;)

@kiokoman Thank you for the reply. I will try and use a log parser before sending them to papertrail then (until we have a native way to do it). I think it may be worth my time to setup a cron job to ftp the pfblocker-ng logs rather than the system logs. I need to look at those logs to see if they containt the DNS name.