@nimrod Hey Guys,

Is it really that important to be right?

You must both be steely eyed missle men to argue like you do.

Ok 6.0.19 is pretty old (2023?) That's still in Proxmox 7 I assume. You should upgrade that IMO.

This is almost certainly that bug though which is not a pfSense issue.

If it ain't broke....

HAProxy is restarted? Does it log an error when it stops?

Did you set static source ports on the outbound rule?

I would probably test a rule that just matches the one internal IP trying to connect and all ports to be sure.

Then check what states it's opening when it fails. Or succeeds!

@RickyBaker I think it was the modem!!!
680decb1-9933-4198-9eee-eb55e04c7910-image.png

I'm not convinced this isn't just temporary. Some of the settings of the Modem seem wrong. for one passthrough didn't seem to work and DHCP is enabled on the router. I'd like to enable the protocol in that link i posted above (https://docs.netgate.com/pfsense/en/latest/recipes/authbridge.html) but for the time being i'm happy to have snappy internet back! Thanks everyone!

This seems......ok? not sure what I should expect over wifi with gigabit fiber:

f8a26daf-94ec-416e-a4cc-bfab1911feec-image.png

It's def faster than it was though...

What does the console show pfSense has as a WAN address?

If the upstream router/modem is passing it a 192.168.1.X address that would conflict with the default LAN subnet and one of them must be changed.

Hi all,
Exchange Server working.
Configured with Squid Reverse Proxy and a firewall rule, NAT rule not configured.
Many Thanks!

Matias

@madmaxpr FWIW for reference:
https://docs.netgate.com/pfsense/en/latest/backup/restore-different-version.html

@kpa said in How can I install Midnight Commander on pfSense?:

It's supposedly an easy to use file manager (for being an ncurses application) but since there are better ones like Filezilla, WinSCP and others that can use an SFTP connection and offer a proper GUI on your workstation I don't see why you would want to install it on pfSense.

An upfist from the future! 👍

Ha. Fair. 😉

@stephenw10 Things looking good. Firewall survived multiple WAN/PPPoE down events with the new pppoe module.

Though, It is still a mystery why this happened in the first place before with the old pppoe module or 24.03 more precisely.

@tinfoilmatt A domestic router, I guess, can be called a SOHO router that the average man in the street can but from their local computing shop - Linksys, TP-Link, D-Link, Draytek, Netgear etc or is supplied by your ISP. It excludes high end devices like some of the CIsco and Juniper devices and things like that.

The warning is not good. It does not even point the user to the correct screen or give him any instructions. It did help me eventually narrow it down, but I consider myself way more advanced than your average user - I used work for Clearcenter providing support for ClearOS (which also resets the routing table when changing the external WAN settings).

@stephenw10 yup that would be another way @CreationGuy but his rule above his lan allow should trigger and not log that igmp traffic.. and no other rules should be evaluated.. So it shouldn't still see the igmp traffic on his lan allow and block it because of the IP options setting.

@stephenw10 Quick update, my isp provider came out yesterday about lunch time an replaced the card that converts the fiber to ethernet and replaced the rj45 socket. We tested with no errors and i have not seen a hang on the vault yet and it is now almost 30 hours running.

@stephenw10 said in Two IP's from ISP, Two PFsense routers (one a vm) cannot access B from A:

What lloks wrong is that site A has the same MAC for 24.71.68.1 and 24.71.68.91

Exactly, and site A was the one that had .91 before. So if there is some stale info in the ARP table then flushing it may fix it I suppose?

@stephenw10 said in Two IP's from ISP, Two PFsense routers (one a vm) cannot access B from A:

Edit: Good point, it could be Proxmox doing something odd. But I run that here and have never seen it do weird layer 2 stuff like that.

I agree, I use Proxmox for two firewalls in a similar setup, and I have had no trouble with vtnet or direct NIC's. Although I do have a switch on the WAN, not a router. But considering that Proxmox is the one thing that is different vs site A, I'm thinking it may be part of the problem.

@backup2 said in Can't access internet with pfsense and proton vpn:

any chance you can help with this issue also?

What firewall rules have you added there? There are none by default.

Did you enable dhcp on the new interfaces? Are connected clients pulling an IP correctly?

@elvisimprsntr said in PSA - AT&T Email to SMS Gateway Service Ending:

If you are affected and are in need of an alternative, I switched to using Pushover: Simple Notifications for Android, iPhone, iPad, and Desktop
30-day free trial and $4.99 one time license per platform.

I already updated my security system, home automation controller, and pfSense to use Pushover. Took less than 15 minutes.

I’d be interested in what options others are using.

There was a short discussion of this on the Ubiquiti forums. Pushover received a number of recommendations. Other options mentioned were Zapier and Telegram. Home Assistant apparently has notification support through its app.

I switched over to Google Chat for notifications via a webhook (Chat webhooks require a Google Workspace account, which we already had). Straightforward to implement and working well so far. There's also an email-to-Chat interface.

There's nothing much shown in that status output you uploaded. Mostly because the system logs are completely spammed with:

Apr 13 15:42:11 bkk-fw upsmon[52386]: Poll UPS [apc] failed - Driver not connected Apr 13 15:42:16 bkk-fw upsmon[52386]: Poll UPS [apc] failed - Driver not connected Apr 13 15:42:21 bkk-fw upsmon[52386]: Poll UPS [apc] failed - Driver not connected

You should disable that if the UPS isn't actually attached.

You also have a number of arpmovment messages. If those are legitimate consider disabling logging those:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/logs-arp-moved.html