• access local server via wan ip

    16
    0 Votes
    16 Posts
    1k Views
    johnpozJ

    @patelsaheb said in access local server via wan ip:

    Is there any way that i can access wan ip from my local network

    Why would you need to do that, just access the local IP.. setup a host override to resolve whatever fqdn you want to the local IP vs doing nat reflection.

    If you insist on doing such nonsense - then you have to enable and setup nat reflection.

  • unable to access wan ip via lan network ip

    3
    0 Votes
    3 Posts
    189 Views
    P

    @Rico

    yes working fine.
    thank you.....

  • SG1100 restarting multiple times a day

    2
    0 Votes
    2 Posts
    368 Views
    DerelictD

    Your best bet is likely to open a ticket at https://go.netgate.com/

  • Issue with TFTP IP Phone Provisioning for phones behind PFSense

    7
    0 Votes
    7 Posts
    924 Views
    V

    @stephenw10
    I went ahead and checked the "disable hardware checksum offload" option, then rebooted the firewall. I was still unable to provision the phone after rebooting (phone never pulls the TFTP files) so I went ahead and reverted back to the original setting, then rebooted again. I think I may end up setting up a test FreePBX and PFsense box at my office to try and replicate the issue. At this point the client's phones are functioning; the only issue being I have to manually provision them (which really isnt a big deal since they only have a few phones).

  • Help a noob out for simple setup

    14
    0 Votes
    14 Posts
    989 Views
    stephenw10S

    Yeah I would put money on one of your neighbours having connected their router incorrectly and it's handing out 192.168.1.X IPs. Whoever is admin on that network should be looking for them with a big stick but... 😉

    Steve

  • Time for PGP signed sha256sums?

    2
    1 Votes
    2 Posts
    263 Views
    S

    I also think that PGP signature for sums or ISO image are needed.
    It will also allow to verify locally the integrity and authenticity of install images, stored in the environment without access to the Internet.
    And I think that efforts required to implement this is not so high to discard this idea.
    Many users who put security at the forefront, will be grateful.

  • help with purpose and life of /cf/conf/lastpfSbackup.txt

    3
    0 Votes
    3 Posts
    171 Views
    B

    For some reason the lastpfSbackup file wasn't appearing for some units. Somehow it's working now. I was banging my head and now it's suddenly working.

    I did learn a bit about how it works in the process though and documented in my notes. If it comes back I have more information and I'll update this .

  • Logz.io log analysis with ELK and Grafana.

    1
    0 Votes
    1 Posts
    181 Views
    No one has replied
  • No Console Menu After Cold Boot - APU Board with 2.3.1/2

    Locked
    18
    0 Votes
    18 Posts
    9k Views
    jimpJ
    Upgrade to an actual supported release. Start a new thread if that doesn't work.
  • Scheduling a second Isp backup for specific clients

    5
    0 Votes
    5 Posts
    288 Views
    stephenw10S

    I would use a load-balance gateway group on a scheduled firewall rule. Maybe weighted towards the 2nd ISP. Set it to catch only the preferred clients. See how it goes. They will have to open new connections to see the new gateway when the schedule kicks in but it they're mostly web browsing that should be fine.

    Steve

  • OpenVPN issue connecting to controller

    7
    0 Votes
    7 Posts
    678 Views
    T

    @toms88 said in OpenVPN issue connecting to controller:

    Ive snooped around and asked on the QNAP forum but its not very lively.

    How could i go about NATing as you decribe above? I cant find the interface options for the OpenVPN server :/

    https://www.qnap.com/en/how-to/knowledge-base/article/why-cant-i-access-the-administration-page/

    Item #2: “Please make sure that the NAS and the PC you are trying to connect from are connected to the same network switch and are on the same subnet. You may also try connecting them directly (crossover cable is not required).”

  • WAN IP redirect to LAN

    7
    0 Votes
    7 Posts
    463 Views
    stephenw10S

    Ah, well you can do that too. Most people never want to set that as a port forward is applied to traffic from anywhere but you can set the source address in a port forward.
    Confusingly that same setting in the 1:1NAT is Destination as it's used for outgoing connections too:

    The 1:1 mapping will only be used for connections to or from the specified destination. Hint: this is usually "Any".

    Steve

  • IPv6 Track Interface: unable to track muliple local interface

    7
    0 Votes
    7 Posts
    614 Views
    JKnottJ

    @rsaanon said in IPv6 Track Interface: unable to track muliple local interface:

    @stephenw10 @jimp Thank you! I changed the the prefix back to /60 (something I tried in the past but didn't work) and it now automagically works 👏

    Perhaps that's all they offer, which is 16 networks. You could try other sizes to see how much they offer. My ISP has /56s.

  • Setting up Data Caps

    11
    0 Votes
    11 Posts
    2k Views
    stephenw10S

    Checkout the hangout KOM linked above. Specifically from here onwards.

    Steve

  • Subdomains and dns questions

    5
    0 Votes
    5 Posts
    1k Views
    stephenw10S

    Yeah you should be able to use either HAProxy or reverse Squid to redirect requests based on the host headers to different internal servers. Or different ports on the same server.

    https://docs.netgate.com/pfsense/en/latest/packages/haproxy-package.html

    https://youtu.be/FJSHMyrd29E

    Steve

  • block access pfsense gui OPT1

    3
    0 Votes
    3 Posts
    527 Views
    stephenw10S

    @zemlik said in block access pfsense gui OPT1:

    blocked on OPT1 any to OPT1 address and WAN address ports 22 80 443

    Yes, do that. Though you can use the system alias 'This Firewall' as shown in that link and it will cover all IPs on the firewall itself.

    Steve

  • installing clamav on pfsense

    5
    0 Votes
    5 Posts
    15k Views
    KOMK

    @detox It isn't really surprising that it detected known fake-virus signatures. I wonder about how effective it is in general. I've never seen any qualitative comparisons such as those done by AV-Comparatives, for example. It may not even be as effective as Windows Defender, which has been getting better every year and does fairly well in testing.

    At my company, I don't use any AV on the firewall, and all LAN clients have local AV protection.

  • DLNA, IGMP Proxy, VLANs, Subnets... Oh, dear...

    35
    0 Votes
    35 Posts
    5k Views
    nfld_republicN

    @stephenw10 Added pimd be added to redmine.

  • Asking here as I'm not sure if it's a firewall or nat problem.

    4
    0 Votes
    4 Posts
    463 Views
    stephenw10S

    Ah OK, then yeah it should be just a matter of adding the port forwards for those ports.

    Try connecting to it externally then check the state table for states on those ports.

    Steve

  • pfSsense Fail - PHP Startup: Unable to load dynamic library...

    7
    0 Votes
    7 Posts
    2k Views
    stephenw10S

    It's probably a filesystem issue. It could be an upgrade failure. It's probably not hardware unless the drive is failing perhaps but I would expect bigger issues in that case.

    The fastest way to get back up is to re-install and restore your config from that situation.

    You can try this though since you still have command line access:
    https://docs.netgate.com/pfsense/en/latest/install/upgrade-troubleshooting.html#forced-pkg-reinstall

    Be sure to backup the config first though if you do.

    Steve

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.