• Packet Capture: received vs. sent

    9
    0 Votes
    9 Posts
    436 Views
    stephenw10S

    A bridge interface is tricky because there is no sent/received really. Every packet crosses it. Unless the interface is assigned in which case pfSense can send/receive from it and will use the generate bridge MAC.

  • User called “internet”

    15
    0 Votes
    15 Posts
    991 Views
    dennypageD

    @Phonix66 said in User called “internet”:

    I suspect the ntopng package, I didn't login for a while and tried now to login with the "internet" user, but couldn't, nighter with my Administrator account.

    The ntopng package does not create such a user. What made you suspect it?

    [Edit: You can ignore this -- I just saw that you subsequently determined that it wasn't ntopng]

  • PFSense Web UI not displaying certain characters

    4
    0 Votes
    4 Posts
    203 Views
    Z

    @stephenw10

    That worked @stephenw10. I rebooted the computer and all is well.

    Thanks for the assistance.

  • 0 Votes
    9 Posts
    508 Views
    M

    @stephenw10 said in Connecting to server on a seperate LAN from camera connected to NVR wifi LAN:

    Is your NVR device there routing that traffic or NATing it?

    If it's routing (a much better setup) then you need to have a static route and gateway in pfSense so it knows how to reach the 22.1.1.X subnet.

    If it's NATing then you would need to setup some port forwards in the NVR and send traffic to that.

    Are you really using 22.1.1.X there? That's a public subnet which may conflict with something you might want to access externally someday. Though it appears to belong to the DoD so.... 😉

    Steve

    A static route did the trick.
    Thanl you.

  • tcpdump v4.99.4 from pfSense 2.7.2 does not honour local timezone

    12
    0 Votes
    12 Posts
    753 Views
    P

    @stephenw10

    Now I'm really calmed down, thank you!

  • Help Pfsense question

    9
    0 Votes
    9 Posts
    740 Views
    stephenw10S

    Hmm, well those P2s don't match so if one side tries to open a P2 with a /16 defined the other side will reject it.

    You should see a bunch of errors in the logs for that though. And I wouldn't expect to see the P2s come up in the status.

  • SG1100 with external USB ZFS disk?

    11
    0 Votes
    11 Posts
    522 Views
    JonathanLeeJ

    Cron job @reboot the mount commands

  • 0 Votes
    17 Posts
    949 Views
    S

    Yes I was offered 24.11-RELEASE (arm64) after a short delay

    All done - thanks again!

  • This topic is deleted!

    1
    0 Votes
    1 Posts
    16 Views
    No one has replied
  • NTP Update Interval

    4
    0 Votes
    4 Posts
    250 Views
    johnpozJ

    @alhaunts The way to sync time in pfsense is ntp.. You don't have to provide time services to anyone else. Ntp is both a client and a server..

    There is no setting for like sntp that I am aware.. If you want pfsense time to be correct, you would setup ntp.. By default it just points to pool out on the internet provided by ntp.org

    If you want to make sure none of your clients sync to it - then just set the listen interface to localhost only.

  • 0 Votes
    5 Posts
    254 Views
    M

    @jimp Thanks for responding. StephenW10 sorted me out and Jan 31st backup restored today!

  • correct installation and configuration

    15
    0 Votes
    15 Posts
    897 Views
    G

    @andreanet said in correct installation and configuration:

    the source 10.10.10.9 is the IP address of the Lansonia router

    Do you have another "router" connected or perhaps you mean wifi Access Point?
    If it's an AP, and 10.10.10.9 is just the management interface for that AP, try disabling that rule. Then you will still see that all wifi clients will be able to access internet. Any traffic not targeting rule number two (destination 10.10.10.1 I suppose) will simply hit the last rule allowing internet access.

  • Questions about the future of pfsense 2.7 CE

    36
    0 Votes
    36 Posts
    5k Views
    N

    @bmeeks Patching was never easy to begin with.
    What I'm saying is that a package can be updated without releasing any interim pf release, so it needs less regression testing, than a full point release

    Maniplulationg text (php) and configuration files is different from changing binary files.

    What Im trying to say is that ce version isn't something left to its (security) fate, only to be fixed if and when the sun is shining.

  • port alias not found

    7
    0 Votes
    7 Posts
    349 Views
    stephenw10S

    It wouldn't be shown there. If it's anyway it will be in the main system log covering the boot up time or immediately after boot.

  • [SOLVED] Firewall Setup for Cloud hosting web app

    4
    0 Votes
    4 Posts
    255 Views
    B

    @netblues thanks a lot. this is what i thought :)

  • Pfsense PPPoE Server

    6
    0 Votes
    6 Posts
    353 Views
    stephenw10S

    Oh, you can't have the same user defined more than once like that. You would need to add it without an IP so it just pulls an address from the pool. It should then be able to authenticate multiple times and pull multiple IP addresses.

  • 0 Votes
    5 Posts
    260 Views
    stephenw10S

    I think this is to allow access to single snapshots for the general internet rather than actually viewing the webcam directly. I had something like that setup at one time (a while ago!) and used a separate webserver with a script that periodically pulled a jpg.

  • firewall going down

    12
    0 Votes
    12 Posts
    571 Views
    stephenw10S

    Yes. Unless it has a serial console which is generally preferred since you can copy/paste the output etc.

  • Unable to synch with internal network NTP server

    14
    0 Votes
    14 Posts
    790 Views
    dennypageD

    @johnpoz said in Unable to synch with internal network NTP server:

    Also a poll of 8 seconds seems a bit excessive if you ask me ;)

    Not for a LAN based server. I have done a lot of hw ntp testing in the past. I use -4 (16 per second) for my main servers. Unfortunately, ntpd cannot operate below 3 (8 seconds per). 😊

  • Site-to-Site Wireguard: Very high CPU usages

    15
    0 Votes
    15 Posts
    2k Views
    stephenw10S

    The CPU in the 8200 is a lot more powerful so you see the widget usage in the 1100 far more. That is especially so because the refresh rate can start to hit the time taken to pull the data.

    Did you try the patch linked above to revert to the previous widget behaviour?

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.