• Port 443 suddendly stopped by the firewall

    2
    0 Votes
    2 Posts
    133 Views
    V

    Okay I ran out of ideas so I grabbed a backup of the config file from before I installed HAProxy and ACME and restored it.

    Access is again granted to port 443. I will have to assume it was HAProxy but I only had set it up for port 80 and it was working. I was starting to work on 443 but everything for those backends and frontend was disabled. Also I completely disabled HAProxy and no difference.

    Oh well. I will just start again with ACME and HAProxy and see what happens

  • DHCP Timouts

    5
    0 Votes
    5 Posts
    529 Views
    A

    Can you add some network addresses and ranges to your diagram?

    For example - 192.168.0.1/24 or something similar?

    Jeff

  • HAProxy SSL Offload and LAN users [SOLVED]

    3
    0 Votes
    3 Posts
    381 Views
    P

    Hi @PiBa
    After a good night sleep, and some coffee, I discovered a domain override for https://www.yourdomain.tld/ in my DNS resolver. False alarm.
    Thank you for your time.

  • [SOLVED] First time install. Need help!

    10
    0 Votes
    10 Posts
    1k Views
    B

    @KOM In accordance to Aristotle - the first sign of real knowledge is ability to explain shortly the matter and teaching this matter. I wish you big money in your free time ... The information that I've got from @stephenw10 - all that I've been asking. For now all is working.

  • pfSense Crash

    3
    0 Votes
    3 Posts
    415 Views
    GertjanG

    @Ozzmosis said in pfSense Crash:

    can not find the problem.

    Cut the problem in pieces.
    Like : remove the VM from the equitation.

  • apply changes with pfSsh

    2
    0 Votes
    2 Posts
    363 Views
    GertjanG

    @skullnobrains said in apply changes with pfSsh:

    how can i apply my changes without relying on rc.reload_all ?

    By "reading", rc.reload_all, see what it does, under what conditions, and do it yourself what rc.reload_all does.

    There is no documentation that states what a file or functions does.

  • Copyright..bla bla

    3
    0 Votes
    3 Posts
    283 Views
    A

    ok thanks, now it is clear...

  • Howto filter Firewall log using regular expression

    2
    0 Votes
    2 Posts
    847 Views
    stephenw10S

    Just remove the spaces, so: !(wan|lan)

    Or (opt1|opt2) if those are the interfaces you want to see hits on.

    Steve

  • Blocking bittorrent on one client

    2
    0 Votes
    2 Posts
    234 Views
    johnpozJ

    If you do not have a policy against it, then how do you think its ok to block him or throttle it?

    Step 1.. Create you use policy!

  • PPPoE link dying after 2.4.4_2 update

    14
    0 Votes
    14 Posts
    2k Views
    M

    I haven't tried across subnets yet, I'll have a look at that next time it dies. Thanks again for everyones help so far.

  • [SOLVED] What would trigger this info popup?

    8
    0 Votes
    8 Posts
    921 Views
    S

    @superweasel said in [SOLVED] What would trigger this info popup?:

    Thought I might have been hacked.

    Me too👅

  • pfSense randomly freezing

    6
    0 Votes
    6 Posts
    2k Views
    ender_E

    @JKnott I left memtest running a few days after I moved pfSense to APU, it found no problems (and didn't lock up). The old board had ECC RAM, too, and there were no errors logged in IPMI.

  • Intel X553 and Wake On LAN support

    5
    0 Votes
    5 Posts
    544 Views
    jimpJ

    Setting it via ifconfig ix3 wol (FreeBSD) would only matter if pfSense was putting the device to sleep or a low-power state, which isn't going to happen.

    If the device is powered off, that's entirely between the BIOS and the NIC, nothing to do with the OS.

  • Two or more pfsense boxes

    8
    0 Votes
    8 Posts
    675 Views
    M

    having a prod and a test/dev FW can be good.

  • Another IGMP proxy post

    23
    0 Votes
    23 Posts
    3k Views
    S

    @pr3dict
    Thanks to meckhert on the unifi forum I've now managed to solve my hdhr problem by installing socat on a raspberry-pi that I already had on my private LAN. On the raspberry-pi I created and enabled a simple systemd service for socat so that it auto starts using the command meckhert listed.

    192.168.100.17 is the IP of my hdhr on my IoT network.

    socathdhr.service:

    [Unit]
    Description=socat hdhr
    After=network.target

    [Service]
    Type=simple
    User=root
    ExecStart= /usr/bin/socat -d -d -v udp4-recvfrom:65001,broadcast,fork udp4-sendto:192.168.100.17:65001
    Restart=on-failure
    RestartSec=10

    [Install]
    WantedBy=multi-user.target

    I hope this helps.

  • Pre install Question

    4
    0 Votes
    4 Posts
    440 Views
    A

    @EricHamby said in Pre install Question:

    @akuma1x

    You take one of the lan ports, share the connection so it send the signal to the switch.

    I still don't know what that means - share the connection.

    In my attached example picture, this pfsense box only has 2 ports - WAN and LAN. You would plug the WAN port into an available port on your modem, and the LAN port goes to your switch.They are 2 separate ports, going to 2 separate devices.

    Jeff

    sg-2220.png

  • Best practices to configure pfsense?

    Locked
    6
    0 Votes
    6 Posts
    780 Views
    A

    @johnpoz said in Best practices to configure pfsense?:

    To be honest for stable working pfsense would be leave it at default, unless you actually need to change something and you understand what your doing...

    Agree with that!

    Also, to the OP, something you should NEVER do is open port forwards to the "general internet" for servers or services on your internal network(s). Some hacker/cracker will eventually find it and exploit it, guaranteed. If you have internal stuff you want to access from the outside, use a VPN provider/service and remote into your network that way instead.

    Also, if you do need/want to create firewall rules to move traffic around your network, it's best to add them 1 at a time and test to make sure stuff works. If it does, you're good. If it doesn't, start looking for answers. Lots of info is on the web and here in the forums.

    Jeff

  • DUCKDNS Pfsense Using VPN IP Address not ISP IP Address

    9
    0 Votes
    9 Posts
    2k Views
    stephenw10S

    @choder said in DUCKDNS Pfsense Using VPN IP Address not ISP IP Address:

    I guess this means I have to many devices...

    Ha, could be! 😉

  • Packet loss and high ping

    10
    0 Votes
    10 Posts
    3k Views
    P

    @Derelict Thanks so much for the tip, I still have my old edgerouter lying around, I'll set it up as you said and see what happens.

    @stephenw10 I checked the graphs, and it seems that the pps actually seem to dip before the ping spike, strange.

    Thanks all for the advice so far! I'll have enough to go on for now and will contact my ISP with my findings next week.

  • 0 Votes
    5 Posts
    1k Views
    stephenw10S

    That looks like a hardware issue but it's still processing. It's something different.

    Steve

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.