@jeep417 my guess would be you had UPnP before opening the ports needed for stuff like the.. I don't think I would ever make my network app open to the public. Not sure about protect or site manager - but the normal network app can be cloud enabled. I always turn that off, but believe it phones home to get any info you change, etc.

If I need to access my unifi controller while out and about I just vpn into the network.

Cameras normally work without opening ports because they phone home to the mothership and open the connection outbound that your app is able to use. I access my cameras when out and about this way..

You could enable UPnP on pfsense - but I would suggest against that. If you can not enable cloud/remote in the different unifi apps, I would vpn into manage those.. I don't use protect or site manager but the unifi controller believe if you enable it is in the unifi portal

remote.jpg

Out of the box pfsense doesn't block anything outbound.

Everyone,
Netgate helped me solve it. As usual, operator error.
It had wireguard on it, and I didn't know it. It was an ip conflict.
Yes, the firewall was open to make it easier to troubleshoot. I can close it down now.
Thanks !
Gary

@joshgreyz
Again we're off topic. Security updates. Period.

The other releases are mostly unrelated to what CE wants and needs. Only thing I can really think of is moving to new dhcp service...and that isn't exactly a severe security related thing just moving a very slight piece of the stack.

A large quantity of built in bsd vulns (of which there are few) don't exist here because they're compiled out - remember this is primarily a firewall/router that is designed to live in a hostile environment.

We're like 33 posts in and whining about release quantity. Specific patches are available when necessary, and they're available very quickly. Period.

@Patch yeah...development work is happening in areas that corp customers have been stating that are stoppers for a decade. Again...CE is not behind on security. You're measuring commits that include UI typos and saying that something that is completely unrelated to that is dead.

Moderators can we please lock this thread as it is literally just wandering in the desert complaining.

Mmm, so probably no hardware to attach to.

Try reverting the widget reload behaviour as shown here: https://forum.netgate.com/post/1191398

@bluecovenant said in getting DNS leaks:

hmmm i just rebooted with the "dns server override" unchecked, and got a leak again. any other suggestions? could this be a problem with how the vpn interface is set up?

@bluecovenant said in getting DNS leaks:

"dns server override"

I had same issue as you, and i resolved it by using DoT. See my thread here. The other not so elegant solution is to configure your DHCP server so it hands out proton DNS IP`s to your clients directly.

@viragomann thank you for the confirming feedback!

EDIT: ps: it worked out great, thanks again

@patient0 said in Is it possible to access the pfsense console remotely?:

@jriofrio there are KVM-Over-IP available but they are mostly not cheap.

Like TinyPilot Voyager for $350 is an example.

Or a new one on Kickstarter is JetKVM for $69 according to their website (Lawerence System did a review on it). But be careful with Kickstarter projects, they may not come alive.

Or build a PiKVM... https://docs.pikvm.org/v2/
All you need is a Pi4 (preferably) and a HDMI to CSI module.

@jimp
Yes, very simple. I'm on “KEA” now and everything's OK 👍

Send me the tip in chat and I'll check.

Steve

@comet424 resolving local resources that are listed in unbound be it via dhcp registration or static dhcp registration or host overrides has zero to do with any public dns service you would forward too.. They are not going to resolve your local resources, nor should they even i you put records up there because any ns you forward or that is not actually unbound itself that returns a rfc1918 address would be a rebind and is dangerous behavior.

Yup check the load average from the command line without the gui open and see if that is significantly lower.

ChatGPT has helped spammers a lot! 🙄

@cmcdonald

I see the same, never seen the flash before. :)

@Clouseau

LM1200

$40 from Netgear, $25 from Amazon

I have the older LB2120 connected to pfSense for dual WAN failover.

@marcosm Yes, that's right. I've created a bug report in Redmine.

Bug #15876