Hmm, that's odd!

@johnpoz said in Specific app doesn't connect to its server when on my network, but does while off: @scottlindner you don't need to do that, you can just set your packet capture to the IP of the phone. You could setup a reservation in your dhcp so the phone always get the same IP. Ahhh.. I see it now. I'll do that the next time she is over. Thank you! I'll follow up here regardless. If I figure it out, I'll post what was wrong and the solution, and obviously if it doesn't make sense to me I'll be asking for more guidance. Appreciate you guys!!

Multicast MACs are known on wifi mesh systems like that, yes. https://docs.netgate.com/pfsense/en/latest/install/upgrade-before-2.2.html#microsoft-load-balancing-open-mesh-traffic Steve

Not if it's a remote device. ARP is not involved there. Steve

Exactly. No difference.

@stephenw10 You make a point there ... I have a "Major Brand" PBX that absolutely won't work if NAT'ed. /Bingo

Yes, more info required. What did you increase the memory from and to? Are you running FRR with a lot of routes passed? Steve

Yes, that setting makes no difference if you don't have any hn(4) NICs. And yes they are found in Hyper-V (and Azure). The 'the multi Queue API' here applies only to hn NICs. You sacrificed mutiqueue to enable AltQ there but not on any other NIC. You can apply FQ_CoDel using Limiters, yes. https://docs.netgate.com/pfsense/en/latest/recipes/codel-limiters.html Steve

@rcoleman-netgate good to know. Thank so much!

Yes, it could be. I'll try to replicate and open something if there isn't anything already open.

@doguibnu I suspect the url mentioned is a place to go for help with the error, not a url being accessed during the boot process. If memory serves (it’s been many years since I’ve done ltsp), after the bios file is loaded via tftp, the initramfs file is loaded via nfs. First step here, however, would be to go to the client machine, and load a local os (from the hard drive or a flash drive, etc - not via netboot), and attempt to manually load the file in question via tftp. If it loads, then the file exists on the ltsp server and is accessible.

Well the port test only checks the initial TCP handshake. It could still be failing later in the sequence for clients. I would probably be trying to get a packet capture of a client failing to connect and seeing exactly how it's failing. Steve

@slowskull said in pFsense plus download: I own a Netgate 3100, would i be able to download a pfSense plus software and install it on a bare machine? or am I limited to community edition despite I own a physical Netgate machine? At current time there is no means to put Plus on non-Netgate hardware directly. You can download 2.6-RELEASE and get a token to upgrade to pfSense Plus (see this blog for more detail) and then upgrade to 22.01-RELEASE and then 22.05-RELEASE. Your 3100 image is not compatible with any other hardware, either.

Mmm, that should have been merged in 3.1.0_0 though.

Ah you have a custom file. pfSense allows you to create the file in /conf and it will use that in preference to anything generated by the gui. That way you can use an entirely custom config if you need something that cannot be set using the gui alone. So at some point you must have created that and usually it would be to add something custom. If you just rename that file and resave the page it should create the expected file in /var/etc from the configured gui settings. Steve

Nevermind. It was a user permissions issue. The user only had read-only rights on the config. Would have been nice if the UI gave me something like "User isn't authorized to do this..."

There are a lot of variables so... it's hard to say. If you had a load of lists loaded and relatively low end hardware you might see that. A restriction to 30Mbps is quite extreme of most hardware though. Steve

You need an Apple TV or HomePod, the newer versions act as thread routers. It just works with iPhones on one vlan and IOT devices on another vlan, same as it would if you were away from home. For what it’s worth I had nothing but problems with avahi and removed it after a week.

Ok, so Snort or Squid could both cause this The first thing I would do is try disabling either (or both) and see if that prevents it. Also check the logs of both for blocked traffic when it happens. Steve