• Can't see hosts in LAN

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    W

    I am confused by the description of your network configuration. Please provide
    1 a network diagram including IP addresses and network masks of interaces, identifying particular hosts on that diagram that can't communicate;
    2 output of pfSense shell commands```
    /etc/rc.banner ; ifconfig

  • Odd logging problem

    Locked
    4
    0 Votes
    4 Posts
    1k Views
    D

    @jimp:

    How did you "recreate" log logs?

    They are supposed to have lots of null characters, they are binary circular log files, the are not plain text logs.

    They are read with the clog command, such as "clog /var/log/system.log"

    Usually that clog crash means that the logs were not created with a clog format.

    Use the "clear log" button on a log tab to clean and re-create the log file properly.

    Click Save on the Log Settings tab to restart the syslog process which usually will get logs going again.

    Thanks very much. I'd actually worked this out at stupid o clock this morning - i.e. that i was being an idiot and assuming the logs were plain text, not binary. On the upside, I now know about clog and a lot more about pfsense, so 10 hours of banging my head against a brick wall wasn't entirely wasted!

    Thanks again - the key point to other users if they are stupid like me, is to not manually kill and recreate the log file to clear it! Use the pfsense gui and manually check it's logging using 'clog [filename]' rather than vi.

  • MOVED: Inversion interface

    Locked
    1
    0 Votes
    1 Posts
    830 Views
    No one has replied
  • 2.0.3 Incorrect OUT Speed in Traffic Graphs

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    P

    When reading both the graphs and the bandwidth-by-IP table, always think of In/Out with respect to the interface or IP address reported. Then the In/Out makes sense.
    e.g. when doing a big download:
    WAN graph - In is high
    WAN IP bandwidth table entry, In is high.
    LAN graph - Out is high (traffic is going Out of LAN interface to the device receiving the download)
    IP entry for device on LAN -In is high - the device receiving the download is getting a lot of traffic in.

    (No comment on the OP about speed figures - I don't have a 2.0.3 system any more to do a real test)

  • Outside world can't see web-server?

    Locked
    8
    0 Votes
    8 Posts
    3k Views
    W

    @Fmslick:

    still getting connect timed out!?!

    You have discussed two different configurations in this topic. Which configuration has the problem?

  • Reverse HTTPS Proxy ultimate frustation! Help!

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    P

    The HAProxy-devel package can work ok with multiple certificates for different (sub-)domains. Just create multiple "shared" frontends and assign certificates to each.

  • Strange IGMP Proxy issue.

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    A

    I have the exact same symptoms. I would really appreciate help/comments on the issue.

    It's frustrating to be booting igmpproxy all the time…

  • Is linux compatibility layer possible inside a jail?

    Locked
    1
    0 Votes
    1 Posts
    966 Views
    No one has replied
  • Lan Clients Internet disconnecting After sometime…..

    Locked
    1
    0 Votes
    1 Posts
    701 Views
    No one has replied
  • Reduce load when processing many lists of IP Addresses

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    L

    That's helpful, thank you.

  • Non-Public UK Gov IPs in my US Firewall Logs

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    C

    Whether or not something should be found on the Internet doesn't necessarily matter. Bogon or assigned but unrouted IP space is hijacked and announced by those with nefarious intent all the time. Alternatively it could be something your ISP is assigning internally and NATing, could be that there were routes for 25./8 in the Internet routing table at some point in time (there isn't right now, at least not on our full BGP feed). It also could be any number of other things depending on specifics.

  • Using PFS to secure a Metro-E line…

    Locked
    5
    0 Votes
    5 Posts
    1k Views
    S

    You're on the right track, seperate subnets for both LANs and the Metro-E section

    So you would have
    site1:
    pfSense LAN: 10.0.0.1/24
    pfSense WAN (Metro-E): 10.20.0.1/24

    site1:
    pfSense LAN: 10.10.0.1/24
    pfSense WAN (Metro-E): 10.20.0.2/24

    and then follow:
    http://doc.pfsense.org/index.php/OpenVPN_Site-to-Site_%28Shared_Key,_2.0%29

  • MOVED: Postfix null client on pfSense?

    Locked
    1
    0 Votes
    1 Posts
    834 Views
    No one has replied
  • MOVED: postfix, mailscanner, spamd - how do I know it is doing anything?

    Locked
    1
    0 Votes
    1 Posts
    852 Views
    No one has replied
  • MOVED: Skip url lightsquid

    Locked
    1
    0 Votes
    1 Posts
    947 Views
    No one has replied
  • [OT] BSDMagazine contributors wanted!

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Integrated ADSL Modem

    Locked
    8
    0 Votes
    8 Posts
    2k Views
    P

    I am in an environment where I want minimum power consumption, 12V DC operation (if possible) and so on. I looked around for a way to have the ADSL modem and telephone line connector built-in to the box I used as the pfSense router/firewall. I gave up! In the end we get various ISPs providing internet to the office/home by different means:

    ADSL on telephone line, WiMax or other wireless distribution with an antenna on our roof and an ISP-provided end-point routing/connection device, cable/fiber or whatever with an ISP-provided end-point device

    All the ISPs end up giving you an RJ45 ethernet socket with data pouring in/out of it at the speed you pay for. So it turns out to be much easier to have the pfSense router/firewall with an RJ45 ethernet as its layer 1/2 WAN.

  • Firewall Logging Ceased

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    N

    Yes.  Turned off then back on in settings tab and that restarted it.

    Would have been nice to have a notification that it wasn't running.

  • New 100/15 Line. Only seeing ~35Mbps across firewall, ~95Mbps without.

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    S

    @vbman213:


    Any ideas?

    check MTU on WAN as well

    My hardware should comfortably support a HUGE pipe.

    yes, this is WAY overkill, a atom can route this easily, are you running any packages or other things on the box that you need this?

  • Forums websites signing in problem

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    stephenw10S

    This is almost certainly a load-balanced WAN problem. I see that on some forums, dd-wrt for example.
    I just created an alias with sites that can't handle multiwan and route traffic to them via a failover group rather than load balance.

    Steve

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.