Hi. I'm trying to do the save, have you made it work? But one questions, are you running the ELK stack on the same machine as the pfsens? I'm running elk on a different machine to monitor firewall logs, and struggeling to get the squid logs from the pfsense machine to the alk machine. How did you manage to get the squid access log in the syslog ?

Or keep it the way you have it now. Unless you are doing some type of storage service on pfSense, you will never use up the 128GB. What I recommend for other folks is; get a smaller hard drive, like 16GB or 32GB, heck 8GB will do fine if you are doing basic firewall filter. As a basic user, using128GB, most of your 100GB disk space is sitting doing nothing.

In case it is relevant, Disable hardware checksum offload Disable hardware TCP segmentation offload Disable hardware large receive offload are all ticked in System > Advanced > Networking.

It seems like the built in one is sufficient other than time ranges.  Is it really so difficult to allow this to be customized?

Other than the OP I don't think anyone else thinks its uploading anything Harvy66 ;) With you here - is noise, and unless there is something wrong with it and its spewing such packets at some crazy rate its going to be minuscule amount of traffic that would go nowhere beyond the layer 2 its currently on.

bump … .any help please!

IGMP Proxy could be your pitfall. Which version IGMP do you need, and something special like v3 with SSM or so? That's what you need for German Telekom's IP-TV (T-Entertain) which pfSense fails to deliver, considering it a niche only.

That would of been a source nat anyway since you were natting to the opt interface and not your actual wan (internet) interface.. What exactly where you trying to test?

Figured it out.  I just needed to make it a server cert, not a user cert.  Chrome is happy now.

You can add specific DHCP options using the 'Additional BOOTP/DHCP Options' in the DHCP config page (Services/DHCP Server/LAN). To specify TFTP servers by MAC addresses you can create a static mapping for that MAC in DHCP and use the Advanced field in the TFTP heading.

The point was just that the speed between wan, pfsense, ap and wireless client was good.

If you do not want an IP in the same network as another IP talking to each other. If you don't want 192.168.101.20 to talk to 192.168.101.21 then put a firewall on .21 and block .20 Or run private vlans on your switches.  Or as mention break out these devices to different vlans and firewall at pfsense.  As mentioned already by NogBadTheBad pfsense has nothing to do with devices on the same network taking to each other.

you said it ;)  I wouldn't go freaking near that domain even if you did manage to resolve it to something.. Clearly they do not have clue one..  Why would you hide your name behind a privacy domain if your such a big company?  Make's zero sense - be like google.com being behind a privacy domain, or microsoft, yahoo, etc.

thx, for your quick reply, I will try out your suggestion and see if it actually works.

Hi JimPhreak, I have a very similar problem: I switched the VLans from my OPT Port to the LAN Port and DHCP stopped broadcasting. Do you remember how you fixed that problem? To specify what I did: I have 4 Ports that were working just fine before I made the changes. Before: sk0 (WAN): Default Wan Port sk1 (Opt1): Used for my first Backup WAN. sk2 (Opt2): Connecting to my managed switch to connect my APs that have 3 VLans (Appx (10), Mobiles (20), Guests(99)). sk3 (Lan): Backdoor for recovery. After: sk0 (WAN): -no changes- sk1 (Opt1): -no changes- sk2 (Opt2): Now a WAN Port for my Backup UMTS. sk3 (LAN): Now Lan + the 3 VLans. After I made the changes the Backup UMTS works, and every Client that hat an IP before also worked. Users that had not connected in a while or renewed their lease could not get an IP from the DHCP. What I tested: DHCPd Server is running and was restarted (aswell as the whole box). Deactivated the LAN Interface so only the 3 VLans would be on the sk3 Port. Plugged in a cable from a PC directly in LAN and a Port of the Switch that worked before. Any ideas what else to test? Here is my Interfaces config with a few comments: <interfaces><wan><enable><if>sk0</if> <blockpriv><blockbogons><ipaddr>dhcp</ipaddr> <dhcphostname><alias-address><alias-subnet>32</alias-subnet> <dhcprejectfrom><adv_dhcp_pt_timeout><adv_dhcp_pt_retry><adv_dhcp_pt_select_timeout><adv_dhcp_pt_reboot><adv_dhcp_pt_backoff_cutoff><adv_dhcp_pt_initial_interval><adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values> <adv_dhcp_send_options><adv_dhcp_request_options><adv_dhcp_required_options><adv_dhcp_option_modifiers><adv_dhcp_config_advanced><adv_dhcp_config_file_override><adv_dhcp_config_file_override_path><spoofmac></spoofmac></adv_dhcp_config_file_override_path></adv_dhcp_config_file_override></adv_dhcp_config_advanced></adv_dhcp_option_modifiers></adv_dhcp_required_options></adv_dhcp_request_options></adv_dhcp_send_options></adv_dhcp_pt_initial_interval></adv_dhcp_pt_backoff_cutoff></adv_dhcp_pt_reboot></adv_dhcp_pt_select_timeout></adv_dhcp_pt_retry></adv_dhcp_pt_timeout></dhcprejectfrom></alias-address></dhcphostname></blockbogons></blockpriv></enable></wan> <lan><if>sk3</if> <alias-address>192.168.178.197</alias-address> <alias-subnet>32</alias-subnet> <spoofmac><enable><ipaddr>10.0.1.254</ipaddr> <subnet>24</subnet></enable></spoofmac></lan> <opt1><if>sk3_vlan20</if> <enable><spoofmac><ipaddr>10.0.20.254</ipaddr> <subnet>24</subnet></spoofmac></enable></opt1> <opt2><if>sk3_vlan99</if> <enable><ipaddr>10.0.99.254</ipaddr> <subnet>24</subnet> <spoofmac></spoofmac></enable></opt2> <opt3><if>ovpnc1</if> <spoofmac><enable><blockpriv><blockbogons><alias-address><alias-subnet>32</alias-subnet></alias-address></blockbogons></blockpriv></enable></spoofmac></opt3> <opt4><if>sk3_vlan10</if> <enable><ipaddr>10.0.10.254</ipaddr> <subnet>24</subnet> <spoofmac></spoofmac></enable></opt4> <opt5><if>sk2</if> <enable><spoofmac><blockpriv><blockbogons><ipaddr>dhcp</ipaddr> <dhcphostname><alias-address><alias-subnet>32</alias-subnet> <dhcprejectfrom><adv_dhcp_pt_timeout><adv_dhcp_pt_retry><adv_dhcp_pt_select_timeout><adv_dhcp_pt_reboot><adv_dhcp_pt_backoff_cutoff><adv_dhcp_pt_initial_interval><adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values> <adv_dhcp_send_options><adv_dhcp_request_options><adv_dhcp_required_options><adv_dhcp_option_modifiers><adv_dhcp_config_advanced><adv_dhcp_config_file_override><adv_dhcp_config_file_override_path></adv_dhcp_config_file_override_path></adv_dhcp_config_file_override></adv_dhcp_config_advanced></adv_dhcp_option_modifiers></adv_dhcp_required_options></adv_dhcp_request_options></adv_dhcp_send_options></adv_dhcp_pt_initial_interval></adv_dhcp_pt_backoff_cutoff></adv_dhcp_pt_reboot></adv_dhcp_pt_select_timeout></adv_dhcp_pt_retry></adv_dhcp_pt_timeout></dhcprejectfrom></alias-address></dhcphostname></blockbogons></blockpriv></spoofmac></enable></opt5> <opt6><if>sk1</if> <enable><alias-address>10.0.30.58</alias-address> <alias-subnet>24</alias-subnet> <spoofmac><ipaddr>dhcp</ipaddr> <dhcphostname><dhcprejectfrom><adv_dhcp_pt_timeout><adv_dhcp_pt_retry><adv_dhcp_pt_select_timeout><adv_dhcp_pt_reboot><adv_dhcp_pt_backoff_cutoff><adv_dhcp_pt_initial_interval><adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values> <adv_dhcp_send_options><adv_dhcp_request_options><adv_dhcp_required_options><adv_dhcp_option_modifiers><adv_dhcp_config_advanced><adv_dhcp_config_file_override><adv_dhcp_config_file_override_path></adv_dhcp_config_file_override_path></adv_dhcp_config_file_override></adv_dhcp_config_advanced></adv_dhcp_option_modifiers></adv_dhcp_required_options></adv_dhcp_request_options></adv_dhcp_send_options></adv_dhcp_pt_initial_interval></adv_dhcp_pt_backoff_cutoff></adv_dhcp_pt_reboot></adv_dhcp_pt_select_timeout></adv_dhcp_pt_retry></adv_dhcp_pt_timeout></dhcprejectfrom></dhcphostname></spoofmac></enable></opt6></interfaces> DHCP Config <dhcpd><opt1><range><from>10.0.20.1</from> <to>10.0.20.253</to></range> <enable><failover_peerip><defaultleasetime><maxleasetime><netmask><gateway><domain>appx</domain> <domainsearchlist><ddnsdomain><ddnsdomainprimary><ddnsdomainkeyname><ddnsdomainkey><mac_allow><mac_deny><tftp><ldap><nextserver><filename><filename32><filename64><rootpath><numberoptions><dhcpleaseinlocaltime></dhcpleaseinlocaltime></numberoptions></rootpath></filename64></filename32></filename></nextserver></ldap></tftp></mac_deny></mac_allow></ddnsdomainkey></ddnsdomainkeyname></ddnsdomainprimary></ddnsdomain></domainsearchlist></gateway></netmask></maxleasetime></defaultleasetime></failover_peerip></enable></opt1> <opt2><range><from>10.0.99.1</from> <to>10.0.99.250</to></range> <enable><failover_peerip><defaultleasetime><maxleasetime><netmask><gateway><domain>appx</domain> <domainsearchlist><ddnsdomain><ddnsdomainprimary><ddnsdomainkeyname><ddnsdomainkey><mac_allow><mac_deny><tftp><ldap><nextserver><filename><filename32><filename64><rootpath><numberoptions><dhcpleaseinlocaltime></dhcpleaseinlocaltime></numberoptions></rootpath></filename64></filename32></filename></nextserver></ldap></tftp></mac_deny></mac_allow></ddnsdomainkey></ddnsdomainkeyname></ddnsdomainprimary></ddnsdomain></domainsearchlist></gateway></netmask></maxleasetime></defaultleasetime></failover_peerip></enable></opt2> <opt4><range><from>10.0.10.20</from> <to>10.0.10.250</to></range> <enable><failover_peerip><defaultleasetime><maxleasetime><netmask><gateway><domain>appx</domain> <domainsearchlist><ddnsdomain><ddnsdomainprimary><ddnsdomainkeyname><ddnsdomainkey><mac_allow><mac_deny><tftp><ldap><nextserver><filename><filename32><filename64><rootpath><numberoptions><dhcpleaseinlocaltime></dhcpleaseinlocaltime></numberoptions></rootpath></filename64></filename32></filename></nextserver></ldap></tftp></mac_deny></mac_allow></ddnsdomainkey></ddnsdomainkeyname></ddnsdomainprimary></ddnsdomain></domainsearchlist></gateway></netmask></maxleasetime></defaultleasetime></failover_peerip></enable></opt4> <lan><range><from>10.0.1.10</from> <to>10.0.1.250</to></range> <failover_peerip><defaultleasetime><maxleasetime><netmask></netmask> <gateway><domain>appx</domain> <domainsearchlist><ddnsdomain><ddnsdomainprimary><ddnsdomainkeyname><ddnsdomainkey><mac_allow><mac_deny><tftp><ldap><nextserver><filename><filename32><filename64><rootpath><numberoptions><dhcpleaseinlocaltime></dhcpleaseinlocaltime> <enable></enable></numberoptions></rootpath></filename64></filename32></filename></nextserver></ldap></tftp></mac_deny></mac_allow></ddnsdomainkey></ddnsdomainkeyname></ddnsdomainprimary></ddnsdomain></domainsearchlist></gateway></maxleasetime></defaultleasetime></failover_peerip></lan></dhcpd>

Could be as simple as this : most 'real' NAS have "apps". My Synology disk-station has one : it's swallowing the "syslog" records from my pfSense just fine.