When you set outbound NAT mode to manual all the auto-added rules are created as manual rules to start with so you still have connectivity. When you go to Hybrid mode those manual rules are not removed but the auto rules are also applied. You will see most are duplicated. You can remove all the manual rules except the VoIP rule you added as the auto rules now cover that. Steve

I just found this being discussed here

fe80 are link-local addresses. I wouldn't expect to see host names against them. Do you see host names in the dhcpv6 leases table? Steve

Thanks to Netgate support. To close this loop, it was this bug: https://redmine.pfsense.org/issues/11626 For now, an stunnel is required. It should be fixed in 22.09. Thanks again!

@stephenw10 I have dropped out of many groups because members reply with a redirection in effort instead of working a problem. One fellow asked why I wasn't using a VPN to access my web content. I explained that the purpose of the website was for public use, not private. Or one fellow suggested I change from ESXi to ProxMox... Naw... too complicated for my purposes, and it means starting over from ground up. I have enjoyed pfSense and need to be sure I've got it set up to give me maximum protection. One fella said Port Forwarding was risky as it opens you up to hackers. Well yeah, I knew the apps would be at risk. That's why I use ESXi, and backup my VM's. Get hacked... dump and replace... My next job is to configure the email blocking that is provided under "feeds". Thank you Steve

Really you need two interfaces to do this. Assuming your laptop only has one NIC that generally means you need to use VLANs and a managed switch to create a WAN and LAN interface. Then you should connect the pfSense WAN to the ADSL router and all the clients to the LAN. If the ADSL router can be put into a bridge mode so it passes the public IP to pfSense directly that would be better. Steve

@stephenw10 Yes it seems to be showing this morning. Of course it was the day I needed to restore from backup. Thanks

@stephenw10 said in Automatic Config Backup (ACB) not working/missing backups: It's an issue at our end in the server. Our team are working on it. Backups should be available currently though if you have not yet restored. Steve Ok, thanks for the reply! I'll have some patience than. ;-) [update] Indeed they are available now! Thanks

Well, that worked, thanks so much. Feels a bit better seeing it upgrade and upgraded. No idea how I'm going to test the proxy as I've decided to do something different. Have not gone back to it since finding the problem.

Thanks all. I'll let Negate handle it.

@johnpoz Default lease is 7200s/2 hrs. Also, "Ping check" is enabled by default to try to see if an address is in use before assigning a conflict.

Humorous thread with an evil ISP, indeed.

I assume you only have one NIC in that device? You can still leave LAN assigned as the parent interface directly and assign VLAN99 as an OPT interface. Steve

Mmm, but you can set the default source to a non used port for example it won't ever log anything. Just use your custom source on the real port. Or just use a non standard port to send traffic to your custom source. Steve

@johnpoz Hi Johnpoz Thanks to you and all of the above for your replies. I was seeing some very strange behavior which looked like some kind of corruption to me:- Addresses were not being blocked even though they were clearly in a rule. Some addresses within an alias were being blocked while other were not. When I'd clicked on an alias it would open a different one to that clicked on. I tried a reboot to see if that cleared anything and during the pfsense startup my screen was just scrolling with errors of myriad description; file errors, device errors, api errors, version error and interface id errors ... ... I have backups of my settings so I'm just going to do a rebuild and import, as currently I can't trust a thing I read. I'm guessing that was the issue all along and hopefully It will be cleared after the restore. Thank for you help everyone.

https://redmine.pfsense.org/issues/12747 If you don't normally see that it implies something was causing one of the other logs to fill and be rotated more frequently that normal which could be a clue. Looks like every 3hrs which is not that fast for the default log size. A ddos attack would log far more for example. Steve

@nogbadthebad Only the last octet is changing and mostly it is just 1-9 for me.