@stephenw10 I have dropped out of many groups because members reply with a redirection in effort instead of working a problem. One fellow asked why I wasn't using a VPN to access my web content. I explained that the purpose of the website was for public use, not private. Or one fellow suggested I change from ESXi to ProxMox... Naw... too complicated for my purposes, and it means starting over from ground up. I have enjoyed pfSense and need to be sure I've got it set up to give me maximum protection. One fella said Port Forwarding was risky as it opens you up to hackers. Well yeah, I knew the apps would be at risk. That's why I use ESXi, and backup my VM's. Get hacked... dump and replace... My next job is to configure the email blocking that is provided under "feeds". Thank you Steve

Really you need two interfaces to do this. Assuming your laptop only has one NIC that generally means you need to use VLANs and a managed switch to create a WAN and LAN interface. Then you should connect the pfSense WAN to the ADSL router and all the clients to the LAN. If the ADSL router can be put into a bridge mode so it passes the public IP to pfSense directly that would be better. Steve

@stephenw10 Yes it seems to be showing this morning. Of course it was the day I needed to restore from backup. Thanks

@stephenw10 said in Automatic Config Backup (ACB) not working/missing backups: It's an issue at our end in the server. Our team are working on it. Backups should be available currently though if you have not yet restored. Steve Ok, thanks for the reply! I'll have some patience than. ;-) [update] Indeed they are available now! Thanks

Well, that worked, thanks so much. Feels a bit better seeing it upgrade and upgraded. No idea how I'm going to test the proxy as I've decided to do something different. Have not gone back to it since finding the problem.

Thanks all. I'll let Negate handle it.

@johnpoz Default lease is 7200s/2 hrs. Also, "Ping check" is enabled by default to try to see if an address is in use before assigning a conflict.

Humorous thread with an evil ISP, indeed.

I assume you only have one NIC in that device? You can still leave LAN assigned as the parent interface directly and assign VLAN99 as an OPT interface. Steve

Mmm, but you can set the default source to a non used port for example it won't ever log anything. Just use your custom source on the real port. Or just use a non standard port to send traffic to your custom source. Steve

@johnpoz Hi Johnpoz Thanks to you and all of the above for your replies. I was seeing some very strange behavior which looked like some kind of corruption to me:- Addresses were not being blocked even though they were clearly in a rule. Some addresses within an alias were being blocked while other were not. When I'd clicked on an alias it would open a different one to that clicked on. I tried a reboot to see if that cleared anything and during the pfsense startup my screen was just scrolling with errors of myriad description; file errors, device errors, api errors, version error and interface id errors ... ... I have backups of my settings so I'm just going to do a rebuild and import, as currently I can't trust a thing I read. I'm guessing that was the issue all along and hopefully It will be cleared after the restore. Thank for you help everyone.

https://redmine.pfsense.org/issues/12747 If you don't normally see that it implies something was causing one of the other logs to fill and be rotated more frequently that normal which could be a clue. Looks like every 3hrs which is not that fast for the default log size. A ddos attack would log far more for example. Steve

@nogbadthebad Only the last octet is changing and mostly it is just 1-9 for me.

@stephenw10 You are a lifesaver, I was going crazy with this for the past 5 days (on & off) I disabled all of the RSC options on both the NICs & the virtual NICs in Hyper V, rebooted the server and the VM and when I ran the Speedtest it was able to complete the upload test without any error. I was also able to connect to PCs via TeamViewer and also send out emails. Thank you so much!

@patch said in I am not reaching the required speed: To do this you need more physical NIC than the 2 you have. ...and it still may not help because you're running Realtek NICs and PPPoE. ~680Mbps is about what I expect from that. Confirm it by running top during a test to see the per core CPU usage. The receive NIC queue is probably at 100%. Steve

Yeah seems OK so that starts to look like a DNS issue again. I assume DNS is failing on the client still?

Mmm, either uncheck 'DNS Server Override' and set 'DNS Resolution Behavior' to Use remote. Or set a domain override for penguinpages.local in Unbound to use the AD server. Steve