I wouldn't expect Kea to make any difference there. It is indeed odd that it would only now start to report that. I did wonder if either the max value changed or the logging level but I couldn't see anything obvious indicating either.
Yes, that seems like more than one thing. The notices error has been seen by users in various configs so I doubt it's directly related. It could be some common cause though if you're seeing php stop responding for example. Hmm.
@tman222
I did. Actually went to copper SFPs and still had the same issues.
I thought of WireGuard because there was a known problem with WireGuard and Chelsio but I thought that was fixed with either 2.6 or 2.7, can't remember which. But when I did the upgrade to 2.7.1 I also lost 2 of my 3 WireGuard tunnels.
Haven't had a chance to go any further into this and probably won't for a while. I have four gig ports that I am using now instead of the Chelsio.
That worked! For any others with this issue, the 1st command in the above link under troubleshooting had me go to Diagnostics/Command Prompt and I typed "certctl rehash" in the "Execute Shell Command"... waited a bit so be patient and then it rebooted.
Thank you! @stephenw10 & @SteveITS
You should not see firewall logs for it on WAN unless it's being blocked.
Do you have some odd pass rules on LAN? As I said it's possible to create rules that pass the traffic without creating a state but you have to create that specifically and they're almost never the right option.
Thanks @stephenw10, that's very helpful.
If the images or at least the checksums were gpg signed, that would be another way to give more confidence in the downloads, but that's another topic.
Thanks again!
Yes they should be able to set that public IP on the Meraki WAN directly. And yes they could set up a VLAN or just a separate port to isolate a connection from pfSense and NAT it.
@johnpoz said in OpenSSH v9 new default conf directive "PubkeyAcceptedKeytypes":
Only thing I am still using rsa on is like my old sg300 switch doesn't support anything else.
Unfortunately even the current CBS switches only allow RSA 2048 and SHA1 as well. I believe this is scheduled to be fixed in the next release though.
@floydque said in Remote Access with Mediator:
that would add another point of maintenance for me
Yup that's true. But it would also be way more flexible....
@louis2 re: changing hardware; as I understand it the NDI is based on MAC addresses, so changing NICs will change your NDI, and invalidate the license.
@june said in Backup config file:
I am putting it into usb mini slot in front of the rj45 which I am unplugging from my pc.
Hmm, that's confusing.
There is no USB-mini socket on the 4100. There is a USB-micro socket but that's for the serial console only.
It's not clear what you're trying to do here.
Steve
@Pablomdli said in OpenVPN site to site not working both ways:
The only weird thing is that it gives the IP 10.0.8.0 to the office#2 OpenVPN client
So I'd suspect that you stated this IP in the CSO.
You should enter an IP out of the tunnel network there, but it has to be one from the second upwards.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.