@mattlach I think you are misunderstanding my setup I am not using pfsense as an Access Point. I have eero behind my LAN port for that. AirVPN is my VPN provider. The reason for two LANs is one subnet routes directly to ISP and other subnet through VPN for privacy. Example my Xbox and XB6 STBs will go through ISP via LAN and my wifi traffic , Torrents etc will go through VPN for privacy. My switch is located behind the pfsense firewall

It began to work now.

@mattlach I've seen a lot of people talk about Nas but I have no idea what it is or how it works or how to set it up. But I see it all the time in the Plex forums. Would you mind explaining it beyond "network attached storage" I mean I guess that's what I'm trying to do is setup media storage servers and network them. Btw it transcodes because there's no direct connection to the Plex server. If I could get a direct connection I could use h256 and I'm running tomato over the Netgear because ddwrt doesn't support open VPN for this model of router but tomato does. Which finally got tomato and ddwrt somewhat recently many years after I bought the stupid thing.

@johnpoz said in IPv6 traceroute not showing first hop (pfSense): So your getting the results I get, where it just works out of the box @bimmerdriver FWIW, I have rule to pass ipv4 and ipv6 echoreq. Nothing else. I get 20/20 on ipv6-test.com (when it works) and 10/10 on test-ipv6.com.

No. If your updates are being blocked, check squid's access.log to see what's going on. IMO transparent mode is a major pain in the ass with https. Run it in explicit mode and then configure WPAD to allow your devices to autodiscover the proxy on their own. In explicit mode, you would normally block access to tcp80,443 on LAN to force proxy use.

I apologize, I didn't luky with my search criteria many thanks Bull

https://forum.netgate.com/topic/139900/package-update-reinstall-issues-after-update-to-2-2-4_2 -Rico

@derelict thank you. Things I didn't understand in class before are making sense to me now suddenly. I appreciate everyone's patience.

@kom Thank you. Actually that's exactly what we had. But we have to separate the firewalls with DMZs being setup on External Firewalls and Internal Firewalls would have only the internal Networks. Just wanted to see if this setup would create any other issue (besides that you mentioned double NAT). Thanks,

You need to re-install to switch filesystem types, no way around that. ZFS is a much more durable filesystem, it means fsck is no longer needed. And in fact fsck does not work on ZFS (or didn't last time I forgot and tried it!). Just for clarity the problem in UFS is usually not the fsck cannot repair it, It's that fsck returns the filesystem is clean when it isn't. That's why it can often be repaired by running it repeatedly from single user mode. It's certainly possible to damage the filesystem beyond what UFS can repair no matter how many times it's run though. https://www.freebsd.org/doc/handbook/zfs.html Steve

It works great, thanks.

@johnpoz said in private.dnsstuff.com: But guess it would be possible to just show the command output of whois running on pfsense? I think that would be nice! IMHO :-)

Ok, so you're leaning on client anti-virus. Anyway it seems the following engines can be used with squid, via havp... arcavir, avast, avg, clamav, dr.web, fprot, kaspersky, nod32, sophos, trend micro Thanks again for your input.

Yes more details required here. It's certainly possible to add however many VLANs you need to trunk out of one of the LAN ports. Each VLAN needs to be configured on the LAN parent interface, mvneta1, as well as in the switch config. Steve

Well lets hope nothing too wrong with it, finally got around to updating my 3100s and 2440 to p2 ;) heheeh Offices super quiet for MLK day I guess.. Wasn't seeing any real traffic on them - so updated them..

@grimson Thanks for pointing that out to me. I will give that a try to see if it resolves the issue.