@rsaanon said in pfsense with Spectrum Internet:

@bmeeks That's a good thought, but I had done a couple of things to ensure that ISP was not coupling the MAC address of the PC to the connection where the ISP DHCP server will not serve out IP to a different MAC:

I rebooted the modem and waited an hour to ensure that ISP DHCP lease is released back to the DHCP pool I spoofed the MAC address of my PC inside of the hypervisor/ESXi

Based on the above two steps, I doubt that the issue is related to "learned" MAC address. Thoughts?

Thanks!

I agree if you spoofed the PC's MAC address and rebooted the cable modem, that should have addressed any "learned MAC" issues.

Thanks, this is what I meant

@atomicboy said in How to remove PFSense from Appliance:

I was able to access the bios and set the USB port with the USB in it as the only option for boot up and not just the order of boot and this worked. Upon booting the USB, the program determined that there was not enough space on the hard drive so it provided an option for me to repartition the disk and I selected the entire disk which in effect erased PFSense.

You found it 👍

I think someone else had this same issue recently in that the graph reports double the actual bandwidth. Search the forums for traffic graph and see if it was resolved or is still outstanding.

I try to help out where I can. Even though I've been here five years or so, I still remember the feeling of being new and posing a question into the void and getting no response. If I think I can even point them in the right direction, I'll reply. You might notice that this forum has very few unanswered posts. Not all issues can be resolved via the community forums, but I think we have a pretty high success rate and that helps the project's reputation & success.

Sorry, no. I have to move a facility in late June and that is when it is going to happen.

@jimp Roger....Thanks

@stephenw10 said in New User to pfSense - some doubts:

I think there has been some confusion here.
Steve

Well look at his quote. Thus he can answer for himself I suppose.. :)

https://forum.netgate.com/topic/143183/solved-cant-seem-to-get-my-apt-get-working-on-vm/7

@NogBadTheBad said in Does pfSense support SNTP:

You still have to XMODEM IOS to a Cisco switch if there's no IOS in flash :)

I think I saw that mentioned in my search for firmware updates. However, that would be a bit difficult to do without a serial port on that box. However, what is does to is create a web server, if the firmware can't be found. That web server can then be used to upload the firmware. I wonder if that gets turned on, when http upload is selected. I was using tftp, where I had to specify the IP address and file, but the missing firmware web server was 192.168.1.254, IIRC. I'll have to look into that.

@stephenw10 said in Cant seem to get my apt-get working on VM:

Disable IPv6 on the pfSense LAN

Thanks - It's resolved - I've disable DHCP 6 server and uncheck in my LAN interface everything is perfect now.

Did you inspect the pfblockerng.log to see what is done during that period?

Yes, that will work. pfSense sees it as any other WAN connection then.

Steve

@jimp said in Bootup: Fatal Error Uncaught Error Stack trace:

You can use the boot menu to select single user mode if you need to make those kinds of changes.

Thanks

@OpenWifi said in How to stop throttling by my ISP:

@chpalmer So how can i circumvent that

How can you get full bandwidth from your ISP when they aren't allocating it to you?
You probably cannot.
But if you're using any old hubs in your network, moving to switches might help.

What you're experiencing I believe is very common.
This might help.....
TomsGuide - What to do when your bandwidth is throttled

Just happened again. Devices using the native WAN interface as a Gateway stay unaffected.

Logs (System --> General) show ntopng crashing:

May 7 17:38:10 kernel pid 15404 (ntopng), uid 0: exited on signal 11 (core dumped)
May 7 17:38:10 kernel igb2: promiscuous mode disabled
May 7 17:38:10 kernel igb3: promiscuous mode disabled
May 7 17:38:32 ntopng [HTTPserver.cpp:924] ERROR: [HTTP] set_ports_option: cannot bind to 3000s: Address already in use
May 7 17:38:32 ntopng [mongoose.c:4584] ERROR: set_ports_option: cannot bind to 3000s: No error: 0
May 7 17:38:32 ntopng [HTTPserver.cpp:1104] ERROR: Unable to start HTTP server (IPv4) on ports 3000s
May 7 17:38:32 ntopng [HTTPserver.cpp:1110] ERROR: Either port in use or another ntopng instance is running (using the same port)

Logs (System --> Gateways)

May 7 17:37:55 dpinger send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr REMOVED bind_addr REMOVED identifier "WAN "
May 7 17:37:55 dpinger send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr REMOVED bind_addr REMOVED identifier "VPN1 "
May 7 17:37:55 dpinger send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr REMOVED bind_addr REMOVED identifier "SITETOSITE1 "
May 7 17:37:55 dpinger send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr REMOVED bind_addr REMOVED identifier "SITETOSITE2 "
May 7 17:37:55 dpinger send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr REMOVED bind_addr REMOVED identifier "VPN2 "

Bold Italics edited by me

Edit: ntopng is the problem. Every time I restart a gateway tunnel, ntopng crashes and NAT stops working.

Here is what the ntopng logs are filled with:

[Mutex.cpp:46] WARNING: pthread_mutex_lock() returned 11 [Resource deadlock avoided][errno=0]

RAM had ~1600M free so not running out of RAM. CPU as I said was 100% on one of four cores at the time of this happening.

I uninstalled ntopng for now as it was unusable.

Edit 2: Totally not fixed. Seems to happen when I restart VPN2 but not always I think. WAN and VPN1 gateways always register as Down in Status --> Gateways even when they are up. ntopgn not the problem!

VPN2 has a NAT port forward rule with it's corresponding Firewall rule, will try to disable that and see if anything changes. Will investigate more and report back.

Edit 3: Seems to be fixed by selecting System --> Advanced --> Misc --> Reset states on Gateway down. I also had to add VPN1 Gateway in LAN Firewall Rules as Gateway as it would still not work with the Gateway set to default. I would like some input from someone if this is correct.

@tim-mcmanus thanks for confirming that the NIC board is not likely to be the culprit. My setup was working flawlessly giving me 450+ Mbps speeds on the LAN side. Thinking of what I may have changed other than regular updates to pfsense releases, only one thing comes to mind. I attempted to turn on a VPN server. But never completed it and recently deleted all items related to VPN server. Not sure I left something in there that's slowing things down - I don't see any alarming consumption stats in the dashboard. Links were also not showing any errors.

@TheGOP said in Bridging: physical interface bridge and VLAN bridges:

Aruba 2930M

you would have to double check but I do not think the 2930M supports VSF, which then you could do a mc-lagg... Pretty sure the 2930Fs support vsf...