@areckethennu said in Noob Question: How to Get to my NAS from the Internet?: Asustor provides a Cloud ID via their EZ-Connect service, but I don't know how trustworthy that is or what it would take to punch through pfSense. Probably nothing required in pfSense as long as the NAS can connect out. By far the safest way to connect to the NAS is using a VPN to pfSense. Probably exactly how you did it before. That way you have complete control over who can connect at all and when. A public cert really gives you nothing additional there and in fact can be argued to be worse since you don't control the CA. Use a remote access OpenVPN. https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-ra.html Steve

You probably don't need SWAP at all. However you're no-where near using the available drive space so I would just keep any eye on the usage for now. Steve

Anything that differs from the defaults is shown with the trashcan next it. If you remove those you will have the default values. Steve

@stephenw10 this is amazing! I didnt know about it! Ill report back for future weirdos! Thanks a lot

@ben-ihelputech @gertjan said in Add support for OpenID Connect: Facebook removed themselves from the Internet for a couple of hours. This wasn't Google fault. Lol now I remember what you said. I think it was something like a BGP mis-config or something like that. The world was probably about 20% more productive that day @gertjan said in Add support for OpenID Connect: never used it, but this PIN code is a rotating one, valid for 30 seconds or so. I think the way it works it that you enter the PIN + the TOTP (which is the 30 second rotating pin). @stephenw10 said in Add support for OpenID Connect: No support currently. You can open a feature request: https://redmine.pfsense.org/ Steve Will do!

Just pull a page from it, so maybe: fetch http://<timeclock_IP>/index.html > /dev/null Steve

How is the host itself attached? Is it possible there's a loop created? Otherwise this seems like a VBox firewall problem... or maybe something on the host itself?

@stephenw10 said in Restore .xml 22.01 possible bug: Was this after upgrading to 22.01 or after a clean install? It was a 22.01 clean install. @stephenw10 said in Restore .xml 22.01 possible bug: Had it rebooted since then or was the reboot to create the RAM disks the first time? System was running perfectly, reboot and etc... Then , decided to enable RAM disk and the system rebooted to complete the process, and the kernel and pkg info problem happened. Thats when I decided to restore the configuration and noticed the ssh keys problem @stephenw10 said in Restore .xml 22.01 possible bug: I haven't seen anything like that and I did spend some time playing around with RAM disks on the 3100 specifically. I can't tell why the RAM disk problem happened.. Also, I don't know how two ssh-keys ended up in my configuration.. But this post may be useful in case this happens to someone, the only action you need is to erase the ssh-keys from the .xml and restore it again..

Installing the recovery image and then a restore has fixed this issue. Thanks to everyone for their advice.

@gwaitsi I have a 4 port HDMI & USB KVM. However, in your case,it might be easier to bring the pfsense computer upstairs. Also, my Qotom has a serial port. If necessary I could use it. Running a serial cable isn't hard. In fact, you can use an Ethernet cable, with Yost connections. You just configure a DE-9 (It is not a "DB-9") connector for each end as needed.

Hmm, where are you seeing that log? ff00.Internal.private is the pfSense host name? Are you handing Internal.private to clients via DHCP to use as a domain? That's clients requesting the wpad file for their domain. Unless you have set it up specifically it won't be on pfSense. It looks like pfBlocker DNS-BL blocking those lookups maybe? Steve

Yeah, if all the app traffic is being proxied through that it's the first place to check.

@stephenw10 okay, I'll open the ticket.

@stephenw10 Thanks, so the enemy is within :)

I'm sorry you had such a hard time with this. I'm still not completely sure what you tried to do here and what happened. Restoring a config in the webgui, actually uploading it and converting it to the current config version, should be near instantaneous. Once that's done it will ask you to reassign the interfaces if there is a mismatch and then reboot into the new config. I assume that did not happen when you tried it though. I can't see any support tickets from the email address you used here but if you have a support subscription and didn't receive the expected level of support I would very much like to review that if you have a ticket number. Steve

@bmeeks said in iflib_netmap_config: Those are harmless information messages from the netmap kernel device during its initialization. It is printing out the current configuration of netmap based on the NIC driver being used. It is detailing the number of rings, TX/RX descriptors, and the buffer size that will be used. There is no way to stop the message. It comes from the kernel device itself. Nothing pfSense nor any packages can do about it. Thank you Bill...the only way I saw it was hooking up a monitor to my pfSense box, a rare occasion...was thinking to do a clean install since I had upgraded from v2.5.2> 2.6RC > 22.01 release.

Try restarting php from the menu if you can still ssh in. I had assumed you were connecting to the serial console, which should always be available. https://docs.netgate.com/pfsense/en/latest/solutions/sg-5100/connect-to-console.html What php error are you seeing? Steve

@serbus You will need to reinstall 2.6CE and then upgrade through to Plus.

@stephenw10 said in Proxy Support ?: I mean connect pfSense to the VPN and then use policy routing to send whatever traffic you need across it. That could be all traffic from a particular internal interface. Thanks for the help, I already have it!

@jimp Those times corresponds to Suricata updates. I've adjusted it to be daily at 5:37 in the morning which should be pretty slow. We'll see how it does.