If it's mulitwan and one is still up you should be able to resolve over that. As long as you have setup servers on both WANs or you a gateway group set as the default gateway you should still have DNS.

Thanks. I've got a computer here which I'll shove in my server room with pfSense running 24/7

It's probably a lower sync speed. That may increase over a few days.
The SG-2220 is capable of far more that that.

Try establishing a PPPoE session from a laptop connected directly to the modem. What speed do you see there?

Steve

[2.5.0-DEVELOPMENT][root@pfSense.localdomain]/root: pfSense-upgrade -h > > Usage: pfSense-upgrade [-46bdfhnRUy] [-l logfile] [-p socket] [-c|-u|[-i|-d] pkg_name] > -4 - Force IPv4 > -6 - Force IPv6 > -b - Platform is booting > -d - Turn on debug > -f - Force package installation > -h - Show this usage help > -l logfile - Logfile path (defaults to /cf/conf/upgrade_log.txt) > -n - Dry run > -p socket - Write pkg progress to socket > -R - Do not reboot (this can be dangerous) > -U - Do not update repository information > -y - Assume yes as the answer to any possible interaction > > The following parameters are mutually exclusive: > -c - Check if upgrade is necessary > -i pkg_name - Install package PKG_NAME > -r pkg_name - Remove package PKG_NAME > -u - Update repository information >

how about pfSense-upgrade -d -y ?

@Gertjan @stephenw10
The discussion is getting interesting. I am starting a new thread,

https://forum.netgate.com/topic/146882/pfsense-memory-usage-part-2

Regards,
Ashima

Glad you found it.. :)

Or maybe he thought he was helping things by hard setting the speed and duplex where not supported? Auto-neg is my friend...

@stephenw10 probably not, it's a matter of habit. I'll probably disable ARP altogether and see what happens.

Yes usually there is the public IP. I do have a DHCP for my LAN but i doubt that this is the issue here. Either way i entered the DHCP server ip, will see if this changes anything.

@stephenw10 thanks a lot...created and yes it does its job ....perfect

@jpvonhemel said in Cable modem reboot kills Webconfigurator:

currently does not have any wan connected.

This is a rather normal situation.
The first time you powered up your SG-2440, right after assigning interfaces, there was no Internet connection. Console access wasn'teven needed at that moment, you could access right away http://192.168.1.1:80 and login using admin & password..

But now :

@jpvonhemel said in Cable modem reboot kills Webconfigurator:

When the 2440 boots, I see Starting Webconfigurator... failed.

I presume you see this on the console logs.
So nginx fails already during booting.

When you restart the webConfigurator, you see multiple

@jpvonhemel said in Cable modem reboot kills Webconfigurator:

pfSense nginx: 2019/09/24 18:38:20 [emerg] 22897#100160: bind() to 0.0.0.0:443 failed (48: Address already in use)

this means that the initial nginx process that started during boot can't be killed. It's like frozen in the system, and keeps port 443 (the https port) locked. In such a case, a new nginx instance can't be launched, because it can bind to the same port 443 port.

That's not some WAN interface- or DNS bug. probably not even a Comcast thing. nginx should not fail at all like that.

I advise you to save your config file - can can find it here : /conf/config.xml and save it.

Now, reset (option 4) to factory default. Or even better re install pfSense from scratch.
Such an operation will never hurt pfSense and guarantees good files and initial settings.
Do the same tests.
Does nginx launches correctly now ? With WAN hooked up, or not ?

After importing your config, is everything still ok, or the problem comes back ? (and if so, throw your config file out of the window).

During all this, the system logs could mention important info.

Look here :

a59a648a-41d9-4d5e-b824-335e090ba2c7-image.png

( in Status > System Logs > Settings )

What do you think ? It's time to see some (nginx boot) errors. Set this option, and reboot your device. Show any suspicious boot - system log - messages.

@Raffi_ said in Infection happened - what now?:

Find the client with the problem ASAP and remove it them from the network. 😉

You can only use accounting by authenticating against Radius in pfSense. I've only ever tested that using the Freeradius package personally.

Steve

Hmm, well glad you got connected. It certainly shouldn't take any time.

The console output looks like it was just refusing the login for the mgr user. Perhaps the user had been edited and chnages not applied? They would then be applied when you made some other change which can look like this.

Steve

@tman222
It sure does - helps a lot. Yes, I have a dedicated management PC with the Unifi Controller installed. I will be sure to set up Port 4 correctly. Cheers!

Do you see the laptop in the pfSense DHCP leases table in Status > DHCP leases?

I expect you will otherwise you would have bigger problems than just not being able to access the printer.

That traffic should go directly between your laptop and the printer if the Asus is acting purely as an access point. pfSense never sees that traffic and hence cannot block it.

Steve

user admin in the gui is user root for ssh, it's the same account
if you want to add a new user with ssh access you can do it from the gui
System / User Manager
add a new user, the privilege would be -> User - System: Shell account access

yeah the meme was a joke, the fried cpu was not

While you can't yet change which interfaces the GUI and SSH listens on, you could setup some floating rules to make this easier, something like

Pass quick TCP from <your management subnets> to This firewall (self) ports <alias with 443, 22, etc> Reject quick TCP from any to This firewall (self) ports <alias with 443, 22, etc>

The "This firewall (self)" target expands internally in pf to any address on the firewall.

ok thanks good info, I fixed the issue, after I connected the lan from the netgate to my pc I eas getting the full 230Mb, so the netgate router was not the issue. so next I removed all the other lan cables from my switch and moved the lan cable back to the switch and now im all good. Looks like I had a lan switch issue. :)