@stephenw10 Thanks, it was good to get clarity as to why this is so, and that's OK. ;o)

Ah, good call!

Urgh, well bad news on the hardware but always good to hear support feedback. Steve

Thanks all for the advice. I have set it to 8.8.8.8 and increased the probe/alert intervals.

@bmeeks Thanks so much, adjusted accordingly. This being my first Pfsense setup I guess I am bit nervous, I'm use to working Sophos XG NG's and Junipers completely different animals and with this system going thousands of miles away just want to make sure I am providing them with a secure device.

Hi! Just to close this. Bought another unit and it is now working perfectly. So it was, indeed, faulty hardware. Thanks @stephenw10 and @Patch for the help. Manuel

For example the running firewall users are created from the config file at each boot. So whatever you have on there now is the result of the config that was present at the last boot.

@stephenw10 great, thanks! I will consider doing so. But you know what? The one employee using OpenVPN told me an hour ago that she doesn't even use it anymore! So I might not even need that setup anymore. For my own administrative purposes I can simply start from scratch or even use Wireguard instead. Thanks all for the feedback and help!

@bearhntr Still works, but I'm afraid you'll need to muddle around like I did. Too much to list and not terribly helpful anyway, more of a "wonder if I can do this" exercise.

Thanks! I changed it to a pfSense Docs ticket since it's specifically a documentation change.

@kevs @kevs said in FORGOT PASSWORD IN PFSENSE WEB ADMIN: Because we don't want to reset our firewall and delete all the configuration just to access the admin GUI. That : Menu option 4 : Reset to factory defaults What you want is : Menu option 3 : Reset webConfigurator password

@johnpoz Yes, I understand. Router should not effect the local traffic. The only thing that was changed was the router and it stopped working after that. I added that entry to DNS Resolver and it didn't help. I want to watch movies and listen to music so I'm done messing with it. It's been a couple days of messing with this, I gave up. I don't need the extra hassle but appreciate your help. Thanks.

@louis2 said in Information about status and release plan would be appriciated: Same hold for things like the update server, which is down now for about five weeks. That is probably valid, however again some background and progress info like ^The update server will be offline because "abc" we expect that it to be online again in about "x days/weeks". The development build server was down for updates and has recently been restarted for some internal testing. I would expect in the coming days you will see new builds coming out for both the next release of pfSense Plus as well as Community Edition.

@stephenw10 I used it just as an example.

@creationguy Ah, ok’ right. Syntax errors are not allowed ;)

@doktornotor changing the single instance where tcsh appears in /etc/inc/auth.inc to the my desired shell seemed to do the trick.

@stephenw10 said in Quicker Way to Edit Interface Description (name) for Multiple VLANs: Yup that. At 250VLANs I wouldn't even consider doing it in the GUI myself! Steve I knew there HAD to be a way around it, no way would any sane person put themself through that! Thanks for the confirmation

@jarhead Thanks, missed that.

@lpd7 said in Creating My Own IP4 Deny List Within PFB: find all the numbers associated with a domain? Can entail some detective work to be sure. For example you have www.domain.com, while easy enough to look up that IP.. And from that IP get the ASN that IP is part of, so any other IPs in that ASN. But what if this company using domain.com also hosts their backend stuff for their services of CDNnetwork, or OtherCompany, etc. etc.. So while you might be able to block some of their front end stuff they host on ASN1, but they could providing their whole software or system using ASN2, and ASNX, etc. The more global and complex a system might be, the harder it can be to block or find all the possible IPblocks being used to host that system on a global scale. Don't forget IPv6 as well - that would be completely different ASNs And don't forget if you start blocking CDNnetworkX ASN, you could end up blocking other stuff hosted there that you didn't want to block. If it was me, I would just block on dns - don't allow clients to use external dns. Blocking doh can come with its own headaches, but easier than trying to block a huge list of IPs service might use, and some of these ip ranges these days quite often shared with other services you might not want to block.. Most everything these days is hosted of very large CDNs (content delivery network).. Blocking those can be very problematic when comes to stuff you want to work, now not working. Prob easier to just find the fqdn client is trying to access to get it to said service, and block those via dns.