Hello everyone Thank you very much for all of your comments. I finally managed to get it back up running again: Whenever you change the mac that is going to be connected to cable modem, you normally need to reboot the cable modem between so it gives up its old pairing. That did half of the trick. Even though I rebooted the cable modem a few times, apparently I never rebooted it between interface changes. It looks like it is necessary to reboot the modem really after every single time the MAC address changes. After getting a DHCP IP eventually, I still could not reach the internet for some reason. What was missing was that I needed to select System -> Routing -> Gateways and select WAN_DHCP from the dropdown list for "Default gateway IPv4" (It was set to "Automatic"). For some reason, automatic did not select the only gateway in this list...

I appreciate everyone's help in troubleshooting the experience I was having. ATT provided a new modem and has resolved the connectivity issue.

Yeah, I would recommend always setting the gateway to something specific there. Steve

@mike3y said in Crash Log - How do I get it?: All internet stopped working. Check your logs if there are any indications.

OK, I think I see what happened. When curl tried IP4 silently, it failed to connect, so then it switches to IP6 and shows it. This same effect happens when you're blocked and you try to update Ubuntu. You get a screen full of blocked IP6 attempts.

I'm not aware of any such document. The xml file should be self-explanatory for the vast majority of things. Perhaps if you list what you're specifically not understanding, someone can help.

@str8edgedave said in Logging question: I don't care that there is IPv6 traffic on my LAN, it's just really noisy in my log systems. Then just block it with a custom rule without logging set. Steve

@stephenw10 A RasPi is too big and you'd had to buy it.... My point was that if refrigerators or light bulbs had something like a better ESP32 SOC (which they don't have), one could hide the PBX there. In case of a broken fridge or bulb, this would also lead to service calls for the service provider's hotline. I wonder if they would figure out, when the customer says, that whenever the light bulb is defect, my telephone doesn't work, too (unless you inform your family members or friends, which you wouldn't do). The ISP restarts the PPPoE connection every 24 hours, this is why I came up with the Shellcmd script of type after... This may actually not be necessary, if I control how Asterisk gets restartet. I need to look at the details, but the Asterisk start script in /usr/local/etc/rc.d also seems to get repeatedly called within a short interval, which likely lead to the race conditions I sometimes observerd (lot's of network errors). Since the Shellcmd script at first cleaned up the entire runtime environment of Asterisk, my problem seemed to be solved. The only thing I probably need to do is making sure that Asterisk does not get started within a too short interval and that at first the old daemon gets properly killed, i.e. basically my Shellcmd script as the start option of the rc.d script. I always wondered why safe_asterisk was so bulky---there's probably something similar inside the script.

No worries. Nice catch!

@hrohibil said in Two separate LAN cards?: 4 GB DDR3 Probably indicates a 64bit CPU.

yeah half-in IPv6 can introduce delays like that. Disable the DHCP6 server on LAN Edit LAN and change IPv6 track interface to None. Edit WAN and set IPv6 to none. Alternately, and probably preferably, get with the ISP regarding where they are in IPv6 deployment and get it all turned up correctly.

So yeah it was only 1 computer. A reboot fixed it.... all is (as close to) normal as it can get. Hectic morning. Nothing to see here. Thanks for listening to my craziness.

You may have triggered SSHguard if you tried to login and failed several times. You should still be able to SSH from some other IP if that was the case. SSHing from some other device in the same subnet should work even if it list routing info for example. Do you have a config backup? Steve

I would bounce them all. Bounce the cable mode first. After it comes back up, bounce pfSense. Check to see if it picked up an address.

Yeah, both those things^ Doing this in stages may introduce further issues. If you start out with pfSense behind your existing router and move your IoT devices onto a new subnet behind that you would not be able to reach them from devices on the original LAN for example. That may not be a problem. You could do it the way around and start out by putting pfSense in place with your existing router behind it but there will be down time. If you don't have separate wifi access points you might want to do this: https://docs.netgate.com/pfsense/en/latest/wireless/use-an-existing-wireless-router-with-pfsense.html What sort of VPN will this be? For accessing resources behind the firewall when you are remote? Steve

You want to redirect to /dev/null? Or to the system log? Steve

You should not have to do anything. DHCP will assign your WAN address, subnet, and gateway. Your firmware version looks ancient compared to mine. I would start there. https://motorolamentor.zendesk.com/hc/en-us/articles/216091737