• Headaches with cuaU ports

    1
    0 Votes
    1 Posts
    957 Views
    No one has replied
  • General Questions from a Noob

    20
    0 Votes
    20 Posts
    2k Views
    JKnott
    @waqar-uk said in General Questions from a Noob: @johnpoz said in General Questions from a Noob: @waqar-uk Yeah they are fine for dumb - but why would you have purchased a smart if all you wanted/needed was dumb. Was your future plan to use them as vlans? If so the v2 version has not gotten a firmware update while the v3 models seem to have a firmware update out that is supposed to fix their mishandling of vlans. I just bought a TP link 8 port switch to use as a way to pass my pfSense LAN to many of my devices, be they a wireless AP, power line networking and my main desktop direct Ethernet connection. They're OK as a regular switch or even for port mirroring. However, you can forget about using them for VLANs.
  • How to add my WiFi router at home to my pfSense+FreeRadius on AWS

    2
    0 Votes
    2 Posts
    269 Views
    stephenw10
    I would suggest running a VPN between the AWS instance and your home router (which I assume is pfSense, if not why not!) so that the NAS IP is always the same private IP. The VPN itself can just use a dyndns entry or if you use OpenVPN it doesn't matter if the IP changes. Steve
  • PFsense Disable reply TTL

    3
    0 Votes
    3 Posts
    566 Views
    T
    Yes, you are right. Looping is occurring between the router and pfSense. Router ip Pfsense ip Router ip Pfsense ip .... Thx
  • pfSense as VPN+Firewall on hosted server

    3
    0 Votes
    3 Posts
    591 Views
    M
    @jegr said in pfSense as VPN+Firewall on hosted server: @mkaltoft As I suppose your datacenter ISP that hands out the public IPs hasn't allocated you a public IP subnet/space that could be routed, just let him point all public IPs to IP of the pfSense in VM1. Then use 1:1 NAT or port forwardings to map .171 public to .171 private. That makes a lot of sense - thank you so much.
  • how to remove a lagg

    6
    0 Votes
    6 Posts
    3k Views
    R
    @stephenw10 said in how to remove a lagg: Just got to doing this, these instructions were perfect. Thank you,
  • Accessing Modem while on LAN brings up pfSense login?

    3
    0 Votes
    3 Posts
    382 Views
    C
    I found the problem, I had my VPN set up at 10.0.0.0/24
  • openvpn provider with portforwarding

    2
    0 Votes
    2 Posts
    488 Views
    stephenw10
    This guy used AirVPN for that reason. https://forum.netgate.com/topic/130820/pfsense-unraid-bittorrent-airvpn-confusing I have never used them so can't comment on them. Steve
  • pfSense doesn't detect when internet is back up

    6
    0 Votes
    6 Posts
    916 Views
    SammyWoo
    @selstam2 Seen this prob posted somewhere else. My first thought was, how come pfSense, promoted as High-Availability capable, has this prob... then it occurred to me this may happen only under some circumstances... It happens in my case because I notice my pfSense box boots faster and becomes ready BEFORE my Arris modem (issues DHCP req when modem not ready to respond), which leads me to think a script or a pfSense delay boot... hasn't bothered me much for me to take any action 'cuz my UPS spoils me :)
  • LDAP AD Extended Query with 2 groups

    3
    0 Votes
    3 Posts
    697 Views
    B
    @stephenw10 said in LDAP AD Extended Query with 2 groups: clear both those queries work individually but you want to authenticate only users who are members of both groups? Sorry, I wasn't being clear in previous post. I found this post to be similar to my issue: https://forum.netgate.com/topic/103988/ldap-extended-query-with-multiple-groups The solutions in there did not work for me. Is there a way to make this work? My pfSense version is 2.4.2. Thank you,
  • Corrupt pfSense 2.4.3-RELEASE-p1

    1
    0 Votes
    1 Posts
    278 Views
    No one has replied
  • My Box hacked from cryptocurrency miner

    Locked
    12
    0 Votes
    12 Posts
    2k Views
    chrismacmahon
    We looked over the config and there were some design issues that allowed the attacker to gain access and install minerd, we have made some suggestions on a redesign. This was NOT a flaw in our software, but human error.
  • pfSense and Netflix M7111-1331-5059 proxy error

    1
    0 Votes
    1 Posts
    467 Views
    No one has replied
  • Filterlog field extractions for log analytics products

    2
    3 Votes
    2 Posts
    1k Views
    P
    Thank you @azzir This was very helpful. I was trying to compile a similar query for Splunk. After spending some time, I could come up with the following.

        host="pfSense.HOME.COM" filterlog
        | rex "(?P<Month>\w+)\s\s(?<Day>\d{1,2})\s(?<Hour>\d{1,2}):(?<Minutes>\d{1,2}):(?<Seconds>\d{1,2})\s(?<RouterName>[^\.]+)\.(?<Suffix>[\S]+)\s\w+\s\s\d{1,2}\s\d{1,2}:\d{1,2}:\d{1,2}\s(?P<LogType>\w+):\s(?<RuleNumber>\d+),,,(?<Tracker>\d+),(?P<RealInterface>\w+),(?P<ReasonForLogEntry>\w+),(?P<Action>\w+),(?P<Direction>\w+),(?P<IPVersion>\w+),(?<tos>[^,]*),(?<ecn>[^,]*),(?<ttl>\d+),(?<id>\d+),(?<offset>\d+),(?<flags>\w+),(?<ProtocolId>\d+),(?<Protocol>[^,]+)"
        | rex "^6,(?<class>\w+),(?<flowLabel>[^,]*),(?<hopLimit>\d+),(?<protocolText>[^,]+),(?<protocolId>\d+)"
        | rex "tcp,(?:\d+,)?(?<Length>\d+),(?<SourceAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),(?<DestinationAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),(?<SourcePort>\d+),(?<DestinationPort>\d+),(?<DataLength>\d+),(?<TCPFlags>\w+),(?<SequenceNumber>[\d:]*),(?<AckNumber>\d*),(?<TCPWindow>\d*),(?<urg>[^,]*),(?<TCPOptions>.*)"
        | rex "udp,(?:\d+,)?(?<Length>\d+),(?<SourceAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),(?<DestinationAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),(?<SourcePort>\d+),(?<DestinationPort>\d+),(?<DataLength>\d+)"
        | rex "icmp,(?:\d+,)?(?<Length>\d+),(?<SourceAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),(?<DestinationAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),(?<ICMPData>.*)"
        | rex "(?<icmpType>request|reply),(?<EchoId>\d+),(?<EchoSequence>\d+)"
        | rex "(?<icmpType>unreach|timexceed|paramprob|redirect|maskreply),(?<icmpDescription>.*)"
        | rex "(?<icmpType>unreachproto),(?<icmpDestinationIpAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),(?<unreachableProtocolId>.*)"
        | rex "(?<icmpType>unreachport),(?<icmpDestinationIpAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),(?<unreachableProtocolId>[^,]+),(?<unreachablePortNumber>\d+)"
        | rex "(?<icmpType>needfrag),(?<icmpDestinationIpAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),(?<icmpMTU>\d+)"
        | rex "(?<icmpType>tstamp),(?<icmpId>[^,]*),(?<icmpSequence>[^,]*)"
        | rex "(?<icmpType>tstampreply),(?<icmpId>[^,]*),(?<icmpSequence>[^,]*),(?<icmpOTime>\d*),(?<icmpRTime>\d*),(?<icmpTtime>\d*)"
        | table Month,Day,Hour,Minutes,Seconds,RouterName,Suffix,LogType,RuleNumber,Tracker,RealInterface,ReasonForLogEntry,Action,Direction,IPVersion,tos,ecn,ttl,id,offset,flags,ProtocolId,Protocol,class,flowLabel,hopLimit,protocolText,protocolId,Length,SourceAddress,DestinationAddress,SourcePort,DestinationPort,DataLength,TCPFlags,SequenceNumber,AckNumber,TCPWindow,urg,TCPOptions,ICMPData,icmpType,EchoId,EchoSequence,icmpDescription,icmpDestinationIpAddress,unreachableProtocolId,unreachablePortNumber,icmpMTU,icmpId,icmpSequence,icmpOTime,icmpRTime,icmpTtime

    Tools used:
    To validate regex against data: https://regex101.com/
    Official Documentation About Log: https://doc.pfsense.org/index.php/Filter_Log_Format_for_pfSense_2.2
  • PPPoE connection timeout after 9 seconds

    1
    0 Votes
    1 Posts
    425 Views
    No one has replied
  • PfSense Box cant ping LAN

    15
    0 Votes
    15 Posts
    1k Views
    JeGr
    @johnpoz said in PfSense Box cant ping LAN: @jahonix That https://textik.com is slick as shit! Added to my toolbelt links. Thank!!! That will make for some really nice ascii art network diagrams. edit: here is another one like that http://asciiflow.com/ I had ASCIIflow in that German support topic as well, but after trying both, it certainly lacks a few functions compared to textik. Textik handles links/lines between boxes and they stay linked/sticky whereas asciiflow doesn't have some sort of linking functionality :)
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.