Yeah, the dependency is two fold. The default config has the WAN set as DHCPv6, the LAN set to track WAN for the IPv6 prefix and a DHCPv6 server enabled on LAN. To disable that first disable the DHCPb6 server on LAN. Then you can set the LAN interface DHCPv6 type to none. Then you can do the same on WAN. Steve

Right. If you were using the Filer package you would need to update it there instead to avoid it being overwritten. Steve

Yes, exactly . The traffic hitting the bogons rule is all going to be that same IGMP I imagine and that's not really at all useful to log. So just stop logging traffic on the bogons rule and you will have far more log space/time. Steve

I don’t know. I don’t have any other vpns setup. Anyway… Thanks for the support. @stephenw10: I owe you a beer!!! :-) Problem is solved. Kind regards

Also remember LAGG of 2x1G interfaces doesn't mean you will get 2G of bandwidth for one single connection. You will at MAX get one single 1G stream and if your application can use multiple streams you could get 2x1G.

@stephenw10 hi, thanks to your post you made me think to check an interface that I use for the Wifi Guests, and in fact I used them the same subnet, changed that one it is solved now everything works perfectly A thousand thanks

@stephenw10 Good call. I may have to upgrade my NICs to get the most out of all of this. I'm not sure they are up to snuff.

Yeah, there is an issue with the RSC feature which is enabled in hn(4) in FreeBSD 12.3 and hence in 2.6. Depending on how you are hitting it you can workaround it by disabling RSC on the vSwitches or in the VM interfaces. The vSwitch change is permanent, the VM interface change is not. Since you are seeing slowness to the WAN you may be able to resolve it using only the switches. Steve

That's expected if it's using a self signed cert. What cert is it presenting that's showing that error? What did you upgrade from? I assume it wasn't showing a cert error before upgrading? Steve

That's not an error if it's actually not ZFS. Just an artifact produced by switching the ramdisks. I would not worry about it unless you're seeing issues with logging. Steve

@steveits Oh Really ?? thanks a lot. I have upgrade the Ram to 8GB so i can go 2 million. Thanks a lot.

SOLUTION @stephenw10 Jepp, changed from chrome to edge, now i see the info. Thanks

@packetpirate said in WAN and LAN Traffic Graph at Idle: Looks like about 10 requests of length 46 per second I get more than that ;) heheh Just checked and about 32 a second worth of arp.. Its horrible the isp should really limit that, its not hard to do.. I hit my 100 packet limit of my capture in like 3 seconds.

@a1itto said in Unable to edit rules due to bogonsv6? (I've tried the Max Table Entries setting): when my setup can support IPv6. Dude that could be 10-20 years before they start turning off IPv4.. Maybe even longer - do you really think say next week amazon.com is going to say you know what, only IPv6 now.. They don't even have it now ;) Either does twitter ;).. Or ebay even.. While sure IPv6 is the future, that future is not any time soon that is for sure. Even like 4th biggest site really on the planet.. baidu.com doesn't have it.. Again - set the table limit up, mine is at 1.6 million, set it 3.2 million your trying to load a lot of tables like you know china's IPv6 space in pfblocker..

@johnpoz said in Default LAN - is it possible to tag as x VLAN?: @d2freak82 create a vlan on pfsense, and then set your lan interface to use the vlan on parent interface that is your lan. Thank you! That's exactly what I was after

@jimp said in SSH + Plink + Pfsense 2.6.0 = Security Risk: I haven't seen a prompt like that before, it may be something in how plink is authenticating. I got it working again. The inial problem consists of 2 problems. By default, Plink could only work when the admin account was enabled, but this was resolved by installing Sudo The second problem of asking to press return at the end op the Plink command, after getting access granted, was caused by Plink itself. When i first encountered the Plink malfunction problem after the Pfsense update to version 2.6.0 , my thought was, that maybe my Plink was not compatible anymore, so i downloaded and install the latest Plink version (0.76) But in fact it's Plink itself that caused the second problem. After some Googling with the "Access granted. press return to begin session" message, i discovered that this is caused since Plink version 0.71 and beyond. My old version of Plink was apparently before 0.71 , i have now installed the latest version (0.70) that don't have this extra need for interaction and now everything works back fully automatic. I know that using a old version of Plink is also a security risk, but SSH access from the WAN side is blocked, and can only be used from my internal network. The admin user is also disabled for login, like it was before. Big thank you to Jimp and nogbadthebad for the help. Grtz DeLorean

@stephenw10 I didn't realize that I was able to create an interface for VPN. I did that (and it booted the remote users, lol), and was able to configure the FTP Proxy Client plugin to work with it. Thank you for your help!

@nollipfsense Also of note USB NICs will change the NDI, too. They're not the only thing that goes into the NDI but they're the most likely to cause a change.

@mrpete said in page fault kernel panics after 2.5.2 upgrade: the fact that it is a UFS panic proves fsck is needed? Yes, that. You would not see that panic if ZFS was used. Steve

@anetde said in sshd trying to connect to ports 25/ 465/ 587: the default deny rule on the WAN interface logs lots of blocked connection attempts sourced from the gateways WAN IP to public IPs in the wild on the mentioned dest-ports. That implies blocking outbound connections which would normally be allowed. Can we see these actual firewall logs? I would run ps -auxwwd and look for some script openning ssh sessions. But note this is sshd, the server, logging that. This looks more like someone use ssh as proxy/tunnel and trying to send mail across it. So just look for ssh connections inbound when that happens. Could be an admin connecting from a compromised machine without knowing. Steve