Are you still seeing the LCP timeouts in the PPP log when it fails? Where did you get the MT992 modem from? Perhaps it's bad? Try setting up a PPPoE sesion from something else using it and see if you still get disconnected. Try putting the Fritzbox back and see if that has disconnects at all. I can't do live support here, we have paid support for that. But in this case they would tell you the same thing: LCP timeouts like that are the other end failing to respond. pfSense can do nothing about that. Steve

@itestandroid You can have whatever MTU you wish on your LAN, as IP is designed to work over different MTU, provided everything thing on a subnet is at the same MTU. Fragmentation (IPv4 only) and Path MTU Discovery (PMTUD) will be used fit the packets to a MTU. However, if you can manage 9000 on your LAN, then that would be best. However, you won't be able to use WiFi on that LAN as it supports a maximum MTU 2304 bytes. Also, where is your LAN compared to the data centre? If you have to connect to it via the public Internet, then you're still going to be limited to 1500. I believe Internet 2 supports 9000 MTU.

@stephenw10 thanks I see my zpool. No widget in 2.6.0

It shouldn't. It sounds like you're hitting this or some variant of it: https://redmine.pfsense.org/issues/12920 Steve

Thanks guys. That was exactly what I needed. And thanks for pointing me to what I needed to read in the manual too.

Still an issue in March 2022, I'm not sure why the whole restore process is a mess and extremely confusing and to be honest absolutely downright stupid. It's like a restore process from 2005... MAKE IT USER FRIENDLY NETGATE! Better yet, add progress bars, because sitting to a blank screen for an hour to see if this config worked is absolute insanity, EVERY config should restore. such flaky software.

@longhorn said in pfSense Blocking MAF... any idea why and how???: @stephenw10 appreciate your thoughts and comments. I've now been able to determine it's not a network issue - as you said - but appears to be narrowed down to my Windows 10 workstations. Snooping some of the forms not displaying correctly to the end user, they share some characteristics: iframe JavaScript calling a 3rd party site for MFA Security software might do things like that.

@mrpete said in "Cannot delete alias. Currently in use by ." [Not reproducible]: it sure would help to list the interface name along with the description :) Yeah prob be best to list as much info as possible, interface, actual rule number, etc.

Really we need to know what bandwidth you're actually going to be routing/filtering. I would assume you will not be passing (or trying to) 10Gbps between those VLANs if each client is limited to 100M. If it's all going to be WAN-LAN traffic what's the available WAN bandwidth? Steve

@leacho73 for openvpn look here: openvpn-external-crl-automatic-renewing-openvpn-restart So... you could download the CRL with Curl, transfrom it in x509 and drop it where it is needed.

@tiger-0 Services - DNS Resolver or DNS Forwarder, depending on which you use. Resolver is the default.

@stephenw10 that did the trick! Thanks a bunch

@crucialguy said in Slow Network Problems - pfSense is Firewall + DHCP Server.: Users are great.

@stephenw10 bugger, ok thanks

@lohphat said in Email Notification error when using microsoft exchange: Newer Office365 tenants have MFA (Multi-Factor Auth) enabled (i.e. login verification by MSFT Authenticator app or SMS) so that simple name+password+STARTTLS is going to fail. You first have to ENABLE SMTP Auth as an allowed auth method in the users Mail / Manage Mail Apps settings. SMTP Auth is now DISABLED by default so it has to be checked for it to work at all. There is a way to disable this I believe by creating an "application password" which is accepted for auth, bypassing MFA. You have to set the user account to "Enforce" MFA first. Then go to https://mysignins.microsoft.com/security-info as the user and then add a method "App password" to create the static password to allow login without MFA. More detail here: https://d365demystified.com/2021/10/17/allow-users-to-create-app-passwords-in-office-365-multi-factor-authentication/ I'm working on this now as I just migrated to O365 and all my automated notifications are broken. Thanks. This is what was causing the issue... I enabled SMTP Auth and now everything works fine.

Hmm, why are you not going straight from pfSense to the LDAP server? With LDAP auth. Steve

The filter log format is described here: https://docs.netgate.com/pfsense/en/latest/monitoring/logs/raw-filter-format.html I'm not sure what sort of capability PRTG offers to parse that structure though. Steve

Ah, good to hear.

@xtjoras-0 Bom dia, Amigo estou na procura também de outra solução semelhante ou igual ao que o shallalist entregava, se achar alguma luz da um toque aqui também. Abraços.