Yes, there are many ways you could do this. Really having the TP-Link as the main router is restrictions here. If you have something else behind it as a VPN server that creates a local routing problem if it's i the same subnet as hosts that need to connect to the remote VPN subnet. If you can't swap out the TPlink for pfSense then consider what it can do and build anything else around that. If that can do Wireguard it would likely work since Wireguard inherently includes routing.

Nice catch. Yes, exporting and manually removing that from the config should correct it.

@macaruchi said in Vlan wifi doesnt connect: There is a way to send any packets to this vlan to test the conectivity? Connected a PC or laptop to the pfSense interface an configure it's network port for this VLAN.

@cornerstonefound said in Guys, totally new, I need 3 ports to connect to different things from minipc how simplest way?: Do I set all this up in the pfsense GUI and so on? Yes. At the first boot after install you would assign the NICs to interfaces at the console. Then connect to the webgui on the LAN interface and configure the other interfaces. Steve

@stephenw10 I see, thank you very much for your answer

You'll also be able to see the interface names at the console or by running ifconfig at the command line.

What version did you upgrade from where it was working?

@stephenw10 My ISP finally called me back this morning and said that it looks like the box outside is going bad. They are rolling a tech to replace it this morning. Will see what happens.

@mcury The mistake I was making was to enter the username just as straight text, ie "pfsense". When I switched to "CN=pfSense,CN=Users,DC=lan,DC=company,DC=com" the bind authentication started working. The authentication appears to be working. Now on to making it secure. Thanks for posting the screen shot.

Once created the LAGG appears as any other interface, you can assign it, you can create VLANs on it etc. You can then select the LAGG, or VLANs on it, to assign as existing interfaces and that way keep the existing subnet and firewall rules etc. Steve

@Mikalatto Hi Mika, do you have a picture or model number of your equipment? Is your fiber terminating into this Nokia ONT and then going directly to the WiFi Hub? You may have a newer setup than I do so I might not be able to help. My connection is currently setup where the incoming fiber terminates into the Nokia G-240G-A ONT (same as in the Facebook link) and then from there it's ethernet to my pfSense box. There is no WiFi Hub necessary.

@johnpoz Thanks!

If you reboot and then check the log when does that first appear? At what point in the log? Also check /tmp/php_errors.txt

@magoo_it said in PHP error after reboot: It seems that today is not my best day on IT ... well better days will come. aww, don't be so hard on yourself. I have to keep a sticky on the Reddit group about this tool because it seems very few people there know about it, either.

@stephenw10 Thanks! Regards.

As shown in that thread you can edit /etc/skel/dot.tcshrc which is where that file is created from. However that still might be lost at a firmware upgrade. I created a feature request for this: https://redmine.pfsense.org/issues/14746 Steve

Hmm, maybe something else was using some bandwidth?

Nice catch. And relatively easy fix.

For some weird reason, I though that L2 VPN was only used for remote access, not for peer to peer. I've successfuly migrated from Vxlan to Openvpn. Thanks for your help

With the mitigations in place the C3558 will do 1Gbps, I tested that. So pretty much anything recent.