well I wasn't sure in which category to post. anyway, that's clear now. appreciate any help on the questions too! thanks.

Excellent idea. Thanks for all the advice!!  8)

I asked the others, it was the streamer having an issue and the cpu use was coincidence.

thanks for the help everyone. I've just received my Openreach HG612 (Huawei), plugged it in, set my PPPoE username to bthomehub@btbroadband.com and my password to (randomly) 12345. Plugged it in to WAN port and works straight away! Wish everything did that!

pfSense is based on FreeBSD, so most of documentation you will find here — https://www.freebsd.org/docs.html Better logging is a crash dump you have send to pfSense team, what else? You can also change the default 50 entries behaviour of syslog via GUI, if you want more just look at  /status_logs_settings.php on you pfSense firewall, you can even setup external syslog server and send all log directly to it. https://doc.pfsense.org/index.php/Copying_Logs_to_a_Remote_Host_with_Syslog https://doc.pfsense.org/index.php/Log_Settings despite the documentation slightly outdated after reading it you should not ask such questions like "where do I find better logging that has more than 50 entries?" Yes, pfSense docs are not the best documentation but I can not agree with you about "pointless RTFM comments" — most of crashes of stable 2.3 are related to NIC drivers and this is solvable problem in most cases, that was pointed in https://doc.pfsense.org/index.php/Unexpected_Reboot_Troubleshooting. You have  provided NO information about you hardware and software, so your first question and offense at the expression "RTFM" absolutely not justified, IMHO. If you are not looking for help here, I don't understand what kind of response are you waiting for. May be this?  https://www.amazon.com/pfSense-Definitive-Christopher-M-Buechler/dp/0979034280

It seems like i dont have internet connection, but it is filtering internet traffic WAN-LAN in bridge mode. What URL does the PFSense need to reach to be able to update? getting Updating pfSense-core repository catalogue… pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-core/meta.txz: No address record repository pfSense-core has no meta file, using default settings pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-core/packagesite.txz: No address record Unable to update repository pfSense-core Updating pfSense repository catalogue... pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-pfSense_v2_3_2/meta.txz: No address record repository pfSense has no meta file, using default settings pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-pfSense_v2_3_2/packagesite.txz: No address record Unable to update repository pfSense post did not help.

This smells like it could be related to two other issues I had after upgrading from 2.2.6 to 2.3.2: https://forum.pfsense.org/index.php?topic=109938.45 (starting post 47 and ending post 49) Which subsequently led to a follow-up question which went unanswered (and still unresolved): https://forum.pfsense.org/index.php?topic=118578.0 Could all of this interface weirdness be rooted in the upgrade from 2.2.6 to 2.3.2? Prior to the upgrade I was having none of these issues….

thanks for all your replies. i'll check these options out.

Grazie mille I will try that!

Or create a dhcp reservation and have those registered in your resolver or forwarder depending on which one your using.. The resolver is default out of the box.

Can't I trap any adware/trojans at a network level using pfSense? Not with PFsense alone, no.  Remember, PFsense is a firewall distro, not a UTM.  Are there creative things you can do to stop the virus from communicating back to its home base?  Sure, like Stewart suggested…e.g. host file entries, DNS entries, domain overrides, firewall entries, etc, but that's not an effective or efficient way to fight an infected PC and none of those options actually resolve the infection. As for using the "Reset this PC" feature of Windows 10, does that mean having to reinstall all my apps? There's an option to keep your files, in which case I believe it will just re-install the system files and keep your apps, but from my perspective… why keep the remnants of a compromised system?  Re-building with a clean environment is your best option IMO.  Having to re-install your apps will still take less time than trying to thoroughly clean an infected system.

To be sure it works with another router, I tried the following: [image: 2upfo1w.png] The 'Debian 8 Fresh Install' is another fresh install of the 3CX server. VLAN ID 0 is untagged traffic going to the Toughswitch, I changed the phone to this VLAN also, and it works. [image: 6pb586.png] The phone shows up automatically. This network is connected to a Edgerouter Lite, with basic configuration. But as you say, the multicast is running on the switch. And about this I found the following: https://communities.vmware.com/thread/470492?start=0&tstart=0 I will try migrating to a distributed switch. The IGMP proxy I already tried (see my first post), but it didn't help.

@Mr: I tried late at night. Then I got 850/100 when connecting directly to the modem and 30/100 when connecting througth pfSense 850 is close enough for now. The 30/100 is very consistent, seems always 30 never slower….??? Hardware/Software pfhttt! what do I know. Your machine. So, back to the LAN or WAN. If you want to try running it in router mode for testing. System/Advanced/Firewall&NAT\ - Try test with packet filter off. Open it up until you figure out bottleneck, takes alot of guess work out of the way. If it speeds up(a lot) you win,search is smaller, if not you still win. If you have 3 nics you can try to isolate one while testing 2 with- Interfaces/Interface Assignments- test different NIC for wan. In router mode this would be easier. Less setup time. Try Wireshark and read the traffic chatter. Compare with best speed captures. It could still be between your pc and pfsense also so check your details for the pc nic connection. On PfSense- Status/Interfaces-any errors or collisions? Wan or Lan. System/Routing/Gateways-add Gateway to get dpinger monitor logs Are all your services running. Check System Logs and gateway log, Resolver, etc. Find the others here some good error logs. ;) Not sure if this is useful advice myself,guessing here. Good hunting.