Update: Its not PPPOE - its IPOE that my Sky provider uses (my bad :)) Also, I have now got this working to some degree in that I can see the WAN public IP on PFSense WAN port. Just incase anyone else has this issue this is how I have resolved it.. Put the VR600 into bridge mode, make sure DHCP, IGMP, Wireless and Firewall are all turned off. Then under Advanced, networking, remove any other connection, then add a new connection, set as VDSL, and specify a VLANID of 101. Below is a link to show this in more detail. [https://community.tp-link.com/en/home/forum/topic/266902](link url) In you PFSense setup.. Under interfaces, WAN.. Make sure you set as follows IPV4 - DHCP IPV6 - DHCPV6 Next select the DHCP Advanced configuration, then look for Send Options. Under Send Options you specify this below: dhcp-client-identifier "abcdefgh@skydsl|1234567890abcdef",dhcp-class-identifier "7.16a4N_UNI|PCBAFAST2504Nv1.0" Next under DHCP6 Client Configuration Use IPv4 connectivity as parent interface = true Do not allow PD/Address release = true Next reboot the VR600 router, you will notice that at first it presents with a local IP, but after about 20 seconds the public IP will appear. Note that the VR600 router would usually display a satellite indicator icon to show that it is connected to the ISP. This is not the case when you are bridging to it from PFSense, this light will not display even when it is connected. I thought it is worth mentioning this. I hope this helps someone :)

@nguser6947 Yes, that's doable with pfSense for sure. pfSense provise multiple ways to route traffic to specific gateways: default route static route policy routing (can be configured in firewall rules) In your case, as I got it, you want to route any traffic over the VPN except that one from devices connected to the specific OPT interface. So you can use the default route and point it to the VPN server, which might be already done, I guess. (Normally the VPN provider pushes the default route to the client.) For the OPT interface use policy routing to bypass the VPN and direct traffic to the WAN gateway. Read the Policy Routing Configuration chapter in the pfSense book for details. Also obey the Bypassing Policy Routing section with the RFC1918 alias if you need to access local destinations from the OPT interface as well, e.g. DNS access to the pfSense Resolver. Remember that a policy routing rule directs any traffic it's matching to to the stated gateway. I.e. if the rule matches you cannot reach local destinations. Therefore you have to an additional rule for local destinations.

@johnpoz Ok then, thanks once again johnpoz

No they are not forked. (at least up to now) The plus version has more often updates, incorporates fixes to core product and as the blog says might also have some additional features Eg Implementation of captive portal is one important change. IMHO, freebsd 13 is the next big thing, Its the same base product with different customisations and different release trains. Or at least this is how I understand it is. I might be wrong :)

@stephenw10 Thanks, Ill give this another go and post the logs.

@stephenw10 The AWS side will likely propagate whatever you advertise to it, because I manage both ends and that's just how the virtual private gateway works in AWS. I guess there might be a slight risk here, but hopefully AWS won't make a change that reject these routes. Of course, ideally I hope that pfSense will allow the source to be configured in a future release of the OS. As far as I know, other firewall vendors are able to do so. /Thomas

That ^. Looks like it targets Linux on MIPs so almost certainly not. Steve

Hmm, I would not expect a 3100 to throttle at 650Mbps with a default config. You may have something else in the link throttling that somehow. Or some connection issue to/from the 3100. Though that usually produces a far lower result. Steve

@stephenw10 Done! Thanks!

@jimp said in Boot Environments ready?: If your system uses ZFS, yes. If you use that menu entry it should tell you if your system is capable or not. If you get a list of boot environments and options, then you're good. If you get an error, then it's not supported as-is (for example, perhaps you are using UFS, not ZFS) I did do a clean update to ZFS before. Thx

@stephenw10 Yes sorry 100Mbs Down and 100Mbs UP dedicated line

Right now you do but that's only until we finish testing the direct upgrade and switch the repo branch. Steve

@steveits Thanks a lot :)

Oh, I see I misinterpreted the screenshot there. Ok the first thing I would do here is spoof the Draytek's MAC address on the pfSense WAN. The modem or ISP is probably locked to that MAC. Steve

@deanfourie said in ntopng on FreeBSD - Help with autostart: So, ive gone ahead and installed ntopng from the website documents alongside pfSense as the pfSense package installer just never worked for me. Its installed and running smoothly, the only thing I am unsure of how to do is to autostart redis and ntopng on boot. Upon every boot I need to run service redis start service ntopng start Is there a way I can auto start these 2 services on boot? Thanks If you are on 22.01/2.6 and do not want to upgrade to 22.05/2.7, and can highly recommend installing NtopNG using my guide here instead: https://forum.netgate.com/topic/172084/a-guide-to-current-ntopng-on-pfsense-2-6-22-01/24 That uses the NtopNG pfsense package wrapper to give you control and start/use NtopNG as intended. But I just upgraded to 22.05/2.7, and the pfsense NtopNG package there contains a very recent release from the 5.2 stable branch - which works beautifully and is very stable. So I recommend using that approach instead of going “manually installed”

@johnpoz Yes sir they said that I can disable that It is a huge burden off my shoulders

Don't use Cron use scheduled rules: https://docs.netgate.com/pfsense/en/latest/firewall/time-based-rules.html You two rules with different schedules. Add the required gateway(s) to each one. Steve

@johnpoz Interesting, I’m in Nova Scotia, Canada