@gertjan Thanks! Its Working as expected!

Yeah, seems like the gateway device is running proxyarp for some reason. If you can connect to devices in the WAN subnet but nothing upstream from that it's either because there's no default route or the outbound NAT is not functioning. Either are probably because the WAN gateway is not configured on the WAN interface itself. Steve

I think it's just the gaming apps not sending UPnP requests. I'll set up a pcap when I have time to fiddle with it. In the meantime, for anybody looking into testing UPnP, here is a good read on the upnpc utility you can use to do just that: FYI: Tool to test and set Port Forwarding with UPnP

Yeah, if those numbers were a lot larger or continually incrementing if would be more of a concern. Those could have been caused by unplugging OPT1 or OPT2 at some point. Steve

Yup, many 'modems' like that no longer route traffic after setting bridge mode because they no longer have a public IP to route it from. So you cannot use the wifi which relies on that. Steve

Yeah, it 'feels' like something that takes too long to process which would be load dependent. Anything less that 5s always seems to fail though. Add anything that might be relevant to the bug there. Steve

@jsmiddleton4 Thank you. I appreciate that! You are right, probably no one is going to hack into my APs but being in IT for years, I also know how us IT nerds are, so its more I want to just be aware. I cant be aware of everything nor will i know how everything works but the more I know about my network and what looks right/doesnt the better off i'll be. Its all fun and learning for me especially now that im in more of a project management role instead of IT i actually WANT to work on these types of projects and learn for fun. Let alone, watching Mr. Robot did not help in the 'people are hacking you' thoughts. lol. DHCP6 will come down the road. My next goal is setting the plugins up and watching everything. I am curious because i just got alerted that im over my data cap again! Something is def. off since its not every month. Ive already got a good idea of whats on my network but i've been running ip scanner for a few months now and just noticed a few more things that im gonna double-check. Good information to note in regards to the NICs etc.

I upgrade numerous boxes daily between snapshots and have never seen it become a problem. Currently I see two previous versions stored there, ~200MB.

Mmm, you could probably run a scan manually using ClamAV if it's installed and updated. No idea if it has any signatures for 64bit ARM FreeBSD though! Steve

@bingo600 said in SOLVED: pfsense vm or physical?: @lewis I'm not talking about a VM going down unexpected. I'm talking about the times. ie. my ESXi servers has been down this year due to critical patches, that had to be applied to ESXi or vCenter (well servers doesn't need to be taken down to patch vCenter). /Bingo Oh yes, very good point. In that respect, pfsense running on its own hardware is never an issue. I've never had an update cause down time. That alone seems to seal the deal. I've also run pfsense as a vm using two of the blade nics. It works as expected, just a bit tricky to set up but you're right about the host.

Hyperthreading enabled. [image: 1641594336666-screenshot-2022-01-07-172457.png] Hyperthreading disabled. [image: 1641594839150-screenshot-2022-01-07-173308.png]

@stephenw10 I may not use it. It fits my design goal, free. Totally not needed. And I'm not all that eager to have a video card fan start squealing. The box is in a work at home office. Someone gave me an electric boat trolling motor. I'm looking at connecting it to the battery in the PFSense box UPS. Stick the propeller into the case. Cool that sucker DOWN. There'd have to be some tweak to the NUT package though.

@viragomann Yes! Thanks!

Ahh that's brilliant, I didn't equate that option in the advanced settings with the config file. Many thanks

What are those IPs? How is the OpenVPN server configured? What change caused this to start? Steve

@ericarias1984 Figured it out. Looks like the password I was using was too long (must have been truncating it).

@accidentalit said in Configure Comcast static IP on WAN: Static IP Range: 50.199.13.49 - 50.199.13.49 CIDR Block Number: 50.199.13.48/30 Gateway IP Address: 50.199.13.50 Subnet Mask IP Address: 255.255.255.252 If they have assigned you those IPs you should just be able to enter them in pfSense and it will work. There's nothing else you can do in pfSense to make that work. If it's not working it's with the Comcast modem that isn't configured to use it or Comcast is not routing that subnet to you. It sounds like your connection is configured for a dynamic IP and hasn't been reconfigured as static yet. Steve

@pvasirani your clients asking pfsense for dns should have whatever search suffixes they want to use on themselves. If you want unbound to ask specific NS your running locally on your network when a client asks for something, this would be setup in a domain override on unbound.

Nope the upgrade will take care of it. The patch will remain in the package but will show as applied because it's already in 22.01. You can just delete it at that point, do not revert it! Steve

@jimp Thanks so much