Ok it is fixed on the DC instance now. I simply enabled scrub again and it works. How strange is that? Considering scrub messes with fragmented packets. So with scrub disabled the frag test fails, are you able to test that? Same fix works on LAN as well. Ok glad the cause is found, it is odd, but good nevertherless. thanks :)

@grimson Thanks, I do read manual but in this case I don't know where to start so I asked question here and yes I only have 1 physical line (at-least for now), I will add quad gigabit ethernet nic to my PC next month.

The only way is to download the source code, edit the references to pfSense and recompile. You may then use and support the product using the name of your choice.

No. The pfSense shell : pfSense - Netgate Device ID: 20cc46dfabc85c78e087 *** Welcome to pfSense 2.4.4-RELEASE-p1 (amd64) on pfsense *** 0) Logout (SSH only) 9) pfTop 1) Assign Interfaces 10) Filter Logs 2) Set interface(s) IP address 11) Restart webConfigurator 3) Reset webConfigurator password 12) PHP shell + pfSense tools 4) Reset to factory defaults 13) Update from console 5) Reboot system 14) Disable Secure Shell (sshd) 6) Halt system 15) Restore recent configuration 7) Ping host 16) Restart PHP-FPM 8) Shell Option 8 - is a classic shell. Cisco uses IOS commands, pfSense has a GUI. With the Cisco GUI (if it has one) you couldn't do all the things you can do with the IOS commands. pfSense : the other way around. "Option 8" exists to see the OS file system and to interact with, start some basic or complex "FreeBSD" commands and yes, there are even some less known (and rarely used) made-by-pfSense scripts files. You cant' manage pfSense purely from the command line. See also threads like https://forum.netgate.com/topic/125603/cisco-vs-pfsense/9 (and Google can tell you more, as usual)

@mr-newbie thanks for your reply i'm trying to setup user management/privilege in which our users can login with their LDAP credentiel(username and pasword),i want to know why on "system usermanager>settings>test " all are ok but via Diag>authentication,autnetication failed,please can you test "ldap.forumsys.com" or do you know any online ldap server for test on it?(you can see my ldap server config attached) thanks[image: 1544691328093-myldapconfig-resized.png] [image: 1544691389087-testldap-resized.png]

fsck requires read-only mode because it operates on the filesystem metadata directly. A read-write filesystem could change in the middle of a fsck operation and break it worse.

@bmeeks said in How do I find this device?: @gregeeh if you do not want this traffic filling up your logs, create a rule near the top on your LAN interface that has any as the source, UDP as the protocol, ff02::1 as the destination address and 10001 as the destination port. Set the rule to drop but not log. Right now that traffic is hitting the firewall's default deny rule and that rule is logging the dropped packet. By inserting your own rule up higher in the chain, the packet is "handled" by your rules and thus never gets to the default deny rule (which is at the bottom of the rule chain). Most helpful. Thank you.

@johnpoz said in Share WAN connection: You do understand the pfsense can be a sip proxy right.. Good point. I have installed siproxd, set outbound to WAN and inbound to LAN2. Everything else was left default. After reloading states FB6490 can register to the SIP registrar on FB6490(UM) BUT at the same time now FB7390 cannot register anymore to FB6490(UM). What does this mean? @chpalmer said in Share WAN connection: His cable company is his phone company from what Im getting.. You got it right. And because the device is the property of the provider and also configured by the provider I am very limited.

ATT offers 2 other shi, i mean amazing boxes, im on the phone with them now getting one sent out.

As far as I can see, it seems to be self contained : https://docs.netdata.cloud/installer/#pfsense extract : Note first three packages are downloaded from the pfSense repository for maintaining compatibility with pfSense, Netdata is downloaded from the FreeBSD repository. pkg install pkgconf pkg install bash pkg install e2fsprogs-libuuid pkg add http://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/netdata-1.11.0.txz the netdata package does not seem to add extra dependencies unless I'm looking wrong but something like netdata (also like ntopng) is designed to run 24/7 I'm running it on a test pfsense in an isolated network, for now the test setup seems to run

Thanks for the help. I just added the LAN nic to the same local network to get things configured.

@stevelambert Try to change the binding in usr/local/etc/netdata/netdata.conf change bind to = 127.0.0.1 to bind to = * restart netdata : service netdata stop service netdata onestart

Ah, that can do it if there are unpopulated tables in the ruleset. pf cannot load and hence there is no NAT. Steve

Ok well if it comes back I'd check the other interfaces to see if it's ARPing there. It's not doing so there if you were pcapping on the actual interface in question. Also make sure you have all the hardware offloading options disabled. Steve

Updating to latest : See forum "Installation and Upgrades" , you'll find examples how to proceed. If the GUI is ko, access the console. Option 13. See also https://www.netgate.com/blog/pfsense-2-4-4-release-p1-now-available.html and the very important https://www.netgate.com/blog/pfsense-2-4-4-release-now-available.html

partial resolving: reapply another time changes ( saving) to records modifications... it should work at the second time. It was a WebGui config interpreter bug. ( maybe because by defaut the first field active is the proxy support one, and may the active field is tested as changed by this way and need to be valid to be registered. And so all modifications on misc options recall us "the password of support proxy info do not match..."