At least for their regular DSL Fusion X2 service their 6rd works with pfSense. Just configure the modem to bridge an Ethernet port for pfSense WAN port. Configure pfSense to use the 6rd settings they provide. It's tunneled so it's not as good as native IPv6. You wind up getting a /60. Don't know about their resold uverse or fiber products.

Still trying to get this to work. Using the utility "radtest", I noted that the radius server seem to be just listening on the WAN port of the box, eventhough I configured Freeradius to listen on a LAN port. Anyone? Need more info?

help me please :(

I'm not aware of an plans to do that. It seems unlikely to happen. I think it would need to be significantly more used to consider it to be honest. You should be able to use it as a package though. Steve

Would we still use private LAN addresses? Just to clarify, there are "private" addresses.  There are unique local addresses, which are similar in function to the RFC 1918 addresses in IPv4.  However, they are not normally used for NAT.  There are also link local addresses, which have no equivalent in IPv4.  Every IPv6 capable device has one, usually based on the MAC address.  It's what's used for router addresses.  It's also used for other things that are confined to the local network.  For example, Windows HomeGroup networking uses it.  In fact, it won't even work over IPv4.

Hi sparkman123 I prefer partedMagic (solution for all things I need to do) or kali linux. I rarely stresstest my systems, I often need to test the performance, so openvpn/openssl is good to test the stress as well e.g.: iperf -c IP -t 60 or openssl speed -elapsed -evp aes-256-cbc              [if your CPU/OS supports aes-xyz then you choose some it doesn't so the CPU has to work, not the crypto part alone] As openssl is often preinstalled it's my first choice for seeking CPU limits Cheers Michael

Hi folks again: is there a more expanded or sampled php_shell explanation? Important is the -VLAN creation -assigning VLAN+Naming it -enable DHCP+setting the right suffixes -enable NTP -enable DNS -copy or create FW rule set Cheers Michael

Thank you.  I guess in addition to pfSense being updated, the iMac & Safari were updated in last few weeks also and maybe that has caused this to start happening. I'd rather not add another browser to my system so I'll just make do with a dashboard refresh instead.

@johnpoz: "don't let your ISP know buy a VPN " Yeah lots of people say this - especially the guys selling vpns ;) heheeheh Its got to be one of the most hyped up buzz words currently.. Next to dns leak - both of which I am just sick of hearing to be honest.. Idiots don't have a clue how dns works at all - but now they are freaking out they might have a dns leak… Oh my gawd, my isp might know I did a query for pfsense.org.... And wtf they know I go to amazon.com and facebook --- F'ing Bastards spying on me ;) Yeah there is more to it than that though. There are methods I do not fully understand that content providers are using DNS to geolocate. Watched one guy try to get a baseball game and couldn't due to regional blackout then switched to some DNS spoofer (no VPN or anything, just new DNS servers.) I said "it's not going to work" then it god damn worked like a charm. All season. I can't remember the name of the service but it's what they do. So there is more to it than rampant, unjustified paranoia.

Boot a vanilla FreeBSD 11.1, if it shows the same problems report it to the FreeBSD developers. If not create a ticket on https://redmine.pfsense.org.

Sammy to user:  Plug in the RJ45 cable, it MUST go in with a SOLID POSITIVE CLICK and no mushiness.

@aagaag: which rules do I need to set up in order to make sure that asset with IP 10.10.0.1 routes through the WAN whereas 10.10.0.1 routes through OpenVPN? ??? That tutorial seems to be very old above all (pfSense 1.2.x?) Don't set an allow any rule on the OpenVPN interface as described in the tutorial if you have no special reason to allow incoming traffic from VPN! Remove the redirect gateway option and check "Don't pull routes" in the client settings. Add an alias to pfSense in Firewall > Aliases > IP and add all IPs to it you want to direct over the VPN. Add a firewall rule to the LAN interface or which one the vpn devices are attached to, allowing outgoing access, open the advanced options, go down to gateway and select the OpenVPN gateway.

Yeah there are going to be a HUGE amount of false positive on the free and or even the paid threats.  This is the very nature of IPS… It takes a lot of time to tweak it for a specific network to not show lots of noise.. It just blows my mind how users think oh clickity clickity full blown IPS for free and zero noise or false..  Like saying hey you know which end cuts on that scalpel, sure your ready that open heart surgery then ;) Do you really think IT is that easy that any billy bob can push a few buttons on a gui and be all set with something like a IPS??? How come users don't think they can tear apart their transmission and rebuild it - but any tom off the street thinks he can fire up a IPS system to block down stream natting with a click of a button? ;)

Cheers. I knew it would be something simple I missed. Had to put the outbound rule for the VLAN for OPT1. Now it's all working. As soon as I type the last reply I realised my error. Sometimes it just needs a fresh pair of eyes. Thanks

https on squid is a mega pain. Checkout pfblocker for a cleaner internet. (ad free) That post on the site was from 4 years ago alot has changed

There is no need to create an alias.  All your networks you create n pfsense will automatic have a listing and will be in the destination dropdown when you create the rule…

@johnpoz: "The Unifi AP is on port 39, 41 & 43" Then vlan 1 if that is your 192.168.0/24 network needs to be untagged on these ports if you want to be able to talk to them, same with your controller it needs to be on a port that is untagged. if your going to want to use vlans between switches then the ports connecting them should carry all your vlans tagged.. thanks johnpoz it worked  :)