What config are you importing? What version? From the same hardware? When you import the config via the gui the config upgrade scripts are run against it. If you need to import a config I'd recommend using the external config locator via USB (if you're local to it). https://docs.netgate.com/pfsense/en/latest/backup/restore-during-install.html#restore-using-the-external-configuration-locator-ecl Steve

@stephenw10 I managed to fix the problem, but it seemed haphazardly. I tried installing pfSense 2.6 by DVD only to realize that the previous memstick method did install the firewall OS despite no OS found rebooting the computer. Then, booting from the DVD would start and hung on synchronizing user. So, I made sure that the bios were set to legacy mode and CAS was disabled then booted the computer. This time it hung on CSM; so, I powered off the computer and reboot again and select single user mode and created the file as you had instructed: echo 'kern.geom.part.mbr.enforce_chs=1' >> /boot/loader.conf.local It then completed the boot up, and I could restore backup configuration. We'll upgrade to version 22..5 when my friend return from vacation. Thank you Steve.

Well, late yesterday up till 19 minutes and 44 sec pass midnight, we were getting lots of sent to error 65 and some latency alarm; so, this morning spoke with ISP and it was their fault doing some update. We have fiber and no modem. It appears all is good.

Hmm. Weird that it's not showing queries in unbound though. Seems like however it's failing could be because it's not going via Unbound...

Hmm, the BOGONs option by itself should not have blocked it unless the subnet you were using is outside the usual RFC1918 private subnets. The 'block private subnets' option would have of course.

Indeed it was my wireguard script messing with this. Once i removed it, things are back to normal.

@stephenw10 yeah i forgot proxmox supports 'vmxnet', I assume its not as optimised as it is in esxi, but I do wonder if a multi queue 'vmxnet' on proxmox is more capable than a single queue 'vtnet'. It will be interesting to find out.

Undecided at this time. You could always roll back or switch to 2.7 if you need to though.

That's a side effect of how schedules are handled these days. The methods of fetching rule labels are not quite right there, but it's fixed on snapshots: https://redmine.pfsense.org/issues/13155 -- that alone wouldn't apply to 2.6.0 since there are a lot of other changes around after 2.6.0 there. Though schedules are not mentioned it's the same root problem since schedules are handled through an additional rule labels on 2.6.x.

Not personally. I'm sure there are many others here doing similar things though. Steve

@hayescompatible said in pfSense Plus generating corrupted backups: ror: SSHDATA at line 7349 cannot occur more than once in /etc/inc/xmlparse.inc:89 There's a known bug in the SSHDATA issue (https://redmine.pfsense.org/issues/13132) Check the redmine for details

@dnavas said in DLNA over VLAN: A how (not?) to: Your mileage will vary That is very true. I have seen users enable PIMD between the interfaces and do nothing else and it all immediately started working. I have seen other users spend weeks trying to make it work and fail. Implementations of clients and servers seem to vary significantly. Steve

@stephenw10 So I discovered a misconfiguration in one switch (LAN A), and seems like on HA mode, arpwatch has an option to avoid reporting CARP/VRRP ethernet prefixes that was enabled. To use CARP VIP and arpwatch together, that option needs to be check to disable those messages. Doing this it solved the situation. Hope this could help others since on documentation I didnt found anything.

@stephenw10 That did it, thank you. Here is the relevant thread and note from JimP about this rule. ( I cannot post hyperlinks) [image: 1657635731390-ntpsolvednatrule.png]

@stephenw10 Thanks Steven I will look this over and see if I cant make it work. Hope all is well.

The format is in the docs: https://docs.netgate.com/pfsense/en/latest/monitoring/logs/raw-filter-format.html

You should give more details on what you are asking for help with really. Also this should probably be in the Community Job Board. Steve

I'd also enable SSH now if you have not already so you can try to connect back that way. Steve

Hello, I've verified the problem. I got that notice after my rules had not been updated for some time. I followed iTestAndroid tecnique and confirmed that I had too this negate duplicate networks , so i checked "Disable Negate rules" and manually reloaded filter, which addressed the issue. but issue is not solved yet. I'have also tryed disabling nat reflection, but nothing Output of: pfctl -f /tmp/rules.debug is pfctl: pfctl_rules Following this thread after solved the duplicate ruleset, a reboot was needed. That solved the issue for me.