It seems like i dont have internet connection, but it is filtering internet traffic WAN-LAN in bridge mode. What URL does the PFSense need to reach to be able to update? getting Updating pfSense-core repository catalogue… pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-core/meta.txz: No address record repository pfSense-core has no meta file, using default settings pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-core/packagesite.txz: No address record Unable to update repository pfSense-core Updating pfSense repository catalogue... pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-pfSense_v2_3_2/meta.txz: No address record repository pfSense has no meta file, using default settings pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-pfSense_v2_3_2/packagesite.txz: No address record Unable to update repository pfSense post did not help.

This smells like it could be related to two other issues I had after upgrading from 2.2.6 to 2.3.2: https://forum.pfsense.org/index.php?topic=109938.45 (starting post 47 and ending post 49) Which subsequently led to a follow-up question which went unanswered (and still unresolved): https://forum.pfsense.org/index.php?topic=118578.0 Could all of this interface weirdness be rooted in the upgrade from 2.2.6 to 2.3.2? Prior to the upgrade I was having none of these issues….

thanks for all your replies. i'll check these options out.

Grazie mille I will try that!

Or create a dhcp reservation and have those registered in your resolver or forwarder depending on which one your using.. The resolver is default out of the box.

Can't I trap any adware/trojans at a network level using pfSense? Not with PFsense alone, no.  Remember, PFsense is a firewall distro, not a UTM.  Are there creative things you can do to stop the virus from communicating back to its home base?  Sure, like Stewart suggested…e.g. host file entries, DNS entries, domain overrides, firewall entries, etc, but that's not an effective or efficient way to fight an infected PC and none of those options actually resolve the infection. As for using the "Reset this PC" feature of Windows 10, does that mean having to reinstall all my apps? There's an option to keep your files, in which case I believe it will just re-install the system files and keep your apps, but from my perspective… why keep the remnants of a compromised system?  Re-building with a clean environment is your best option IMO.  Having to re-install your apps will still take less time than trying to thoroughly clean an infected system.

To be sure it works with another router, I tried the following: [image: 2upfo1w.png] The 'Debian 8 Fresh Install' is another fresh install of the 3CX server. VLAN ID 0 is untagged traffic going to the Toughswitch, I changed the phone to this VLAN also, and it works. [image: 6pb586.png] The phone shows up automatically. This network is connected to a Edgerouter Lite, with basic configuration. But as you say, the multicast is running on the switch. And about this I found the following: https://communities.vmware.com/thread/470492?start=0&tstart=0 I will try migrating to a distributed switch. The IGMP proxy I already tried (see my first post), but it didn't help.

@Mr: I tried late at night. Then I got 850/100 when connecting directly to the modem and 30/100 when connecting througth pfSense 850 is close enough for now. The 30/100 is very consistent, seems always 30 never slower….??? Hardware/Software pfhttt! what do I know. Your machine. So, back to the LAN or WAN. If you want to try running it in router mode for testing. System/Advanced/Firewall&NAT\ - Try test with packet filter off. Open it up until you figure out bottleneck, takes alot of guess work out of the way. If it speeds up(a lot) you win,search is smaller, if not you still win. If you have 3 nics you can try to isolate one while testing 2 with- Interfaces/Interface Assignments- test different NIC for wan. In router mode this would be easier. Less setup time. Try Wireshark and read the traffic chatter. Compare with best speed captures. It could still be between your pc and pfsense also so check your details for the pc nic connection. On PfSense- Status/Interfaces-any errors or collisions? Wan or Lan. System/Routing/Gateways-add Gateway to get dpinger monitor logs Are all your services running. Check System Logs and gateway log, Resolver, etc. Find the others here some good error logs. ;) Not sure if this is useful advice myself,guessing here. Good hunting.

Excellent- thanks so much! Off to a great start!

thank you.  I will double check and again, thanks! hope some day I will be able to contribute my knowledge with other noobs as myself. :)

It's always in the context of the interface itself.  In means receive, Out means send.  Traffic comes in from the WAN and then gets sent out to the LAN.

Your best shot is to use the packet capture feature on the LAN (at the IP of the phone) and grab a capture of the call.  Then open it up in wireshark and go to Telephony -> VOIP Calls (I think that's where it is).  Don't limit it to port 5060, just grab the whole thing.  In there you can look at the flow and see which side hangs up.  I'm assuming you are using a hosted system and not just SIP trunks.  If it's a hosted system this should give you a place to start.  Also, don't rule out firmware.  If this is the only one of this model you have then you can't really compare it to the others.  All you know is that your rules are likely OK in the firewall but capturing the packets is the next step that I would do.

@pfcode: @johnpoz: my guess would be its something pulling a crl for a digicert http://crl3.digicert.com/sha2-ha-server-g5.crl Is on that IP.. Should I suppress it?  What is pfSense doing to issue a connection to this IP? Like already noted it's pulling a certificate revocation list (CRL) to update it in case the certificate has been revoked for whatever reason. You should be able to make your own call if you want this to happen or not.

its a smart switch, I have plenty of ports left I'm just trying to get the most out of my network with the least amount of trouble. I want to keep the same subnet for all the ports on the pfsense box so all of my network can see everything but my guest. I have the guest access part figured out, my one airport will have the guest access turned on. that same access point I want to be able to throttle the bandwidth, my other airport access point will be wide open for bandwidth. my switch I have setup into four groups of 6, one group does one 4 port card in my ftp server group 2 does the other 4 port card in that same PC, I have 3 NAS's on the 3 group, and the last group has my pfsense box and wifi access points. my network is probably broke up in a bad way but it does work for now I would just like to simplify it and have better control and network information. im not all that great on networking but I can get around and figure things out. one thing I don't know is vlans, are you referring to port bridging?

@webtyro: Possible issue? https://forum.avast.com/index.php?topic=160822.0 The post date was 2014 and now its 2017 and avarst still have this problem  ??? Thanks for the link it help me out, if I want there avast cert installed I think I will have to go to the avast forums to get a little more information on how to set it up right. @doktornotor: Remove Avast. Alternatively, at least disable the horrible SSL scanning "feature". I disabled the ssl in avast but when I clicked on web config page to log in it asked if I should "continue anyway" I clicked on the cert this time not blocked by avast and I installed the CA for pfsense so far it is working fine Thanks webtyro and doktornotor for your help.  8)