• Windows VPN client can't get through pfSense w/o pfSense restart

    5
    0 Votes
    5 Posts
    705 Views
    DerelictD

    And again:

    https://doc.pfsense.org/index.php/PPTP_VPN

    What are you not understanding that PPTP is broken, insecure, should not be used, and there are limitations in the pf firewall that prevent multiple connections from the inside to the same address on the outside?

    If PPTP is what you require, you should probably use another firewall.

  • DNS Forwarder not working on reboot

    3
    0 Votes
    3 Posts
    550 Views
    M

    Several upgrades ago, I had a similar issue with the forwarder… where it would not resolve anything after an upgrade. I never tried re-saving the config, but what did work for me was specifically selecting my LAN interfaces on Services -> DNS Forwarder instead of leaving it on "All".

    We may have two totally separate issues, but it's worth a shot.

  • Setting display columns

    6
    0 Votes
    6 Posts
    731 Views
    johnpozJ

    depends… it will overflow if you're doing really long ones like with names but if you do a -rnW it should look pretty good even with long addresses with vlans on them, etc..


  • Bootloop after black out

    5
    0 Votes
    5 Posts
    638 Views
    B

    In system_hasync.php I can see "Synchronize Interface" set to my WAN interface, but I have not set it; I suppose it is the default. If the interface needs to be configured somewhere else, could you help me to check?
    BTW thanks for your reply, I will try to replicate the error in a VM and from here upgrade to 2.4.3 develop to see if it is fixed for me as well.

  • (solved) Nessus vulnerability false positives

    Locked
    40
    0 Votes
    40 Posts
    7k Views
    jimpJ

    @Sn3ak:

    Obscurity is not security. This is a bad line of thinking, especially if you wish to sell to Enterprises. Sure, hiding as much as possible from external attackers is nice but hiding from your CS department (or yourself) is generally not a good practice.

    This is not security by obscurity. It's reducing unnecessary information exposure. If you rely on the device itself to tell you what version something is, you need to have a proper mechanism setup and in place to do that internally (e.g. SNMP or other means of querying the device).

    Being able to determine the OS based on network behavior or daemon responses is not a reliable detection mechanism, and being able to do so is a problem, not a solution. I wouldn't go so far as to say it's a security issue if you can identify the OS, but it's still better if it's not accurately discernible.

  • Need to Reapply Default Gateway after brief WAN drop

    1
    0 Votes
    1 Posts
    318 Views
    No one has replied
  • PfSense 2.3.5 or 2.4.2 to install?

    5
    0 Votes
    5 Posts
    2k Views
    J

    @emammadov:

    Thank you for your reply. Is 2.4.2 version stable?

    Yes, 2.4.2 is stable.

  • Added limiter resulted in spontaneous reboots

    4
    0 Votes
    4 Posts
    447 Views
    A

    Sweeeeeet

  • 0 Votes
    10 Posts
    1k Views
    SammyWooS

    Before u get excited, is there a BSD driver that will talk to your particular UPS? Am not sure there is a universal UPS driver.

  • Multi-Static IP configuration using bridged Hitron

    26
    0 Votes
    26 Posts
    4k Views
    A

    @kpa:

    The Hitron will have two or more network interfaces and the one in the sticker might be the MAC address of the internet facing "WAN" interface.

    The -b0 MAC address seems to be listed as the HFC (Hybrid fibre-coax) MAC address.

    ![vmb-ip-status - Copy.PNG](/public/imported_attachments/1/vmb-ip-status - Copy.PNG)

  • Does pfsense run solely in ram when fully booted?

    4
    0 Votes
    4 Posts
    1k Views
    SammyWooS

    I eBay my SSD and splurged on a used 16G Sandisk for usd$7.  S.M.A.R.T. says is been used for less than 2 days.  Am happy.  Even if u buy new, a 16G SSD shouldn't be that much and you will still be using 1/4 of its storage.  Not a big decision.

  • Lots of IN errors on WAN interface

    2
    0 Votes
    2 Posts
    414 Views
    SammyWooS

    What is your down speed and what brand of NIC?

  • SG-2440 Indicator Lights constant RED

    1
    0 Votes
    1 Posts
    513 Views
    No one has replied
  • 0 Votes
    2 Posts
    1k Views
    P

    It is a bug, when something other than the first entry in the list is selected:

    Bug reported: https://redmine.pfsense.org/issues/8338
    Proposed fix: https://github.com/pfsense/pfsense/pull/3907

    Actually it is just reporting the wrong host name/IP in the testing messages. Actually the code seems to be testing the correct entry.

  • Traffic logging

    4
    0 Votes
    4 Posts
    965 Views
    johnpozJ

    Can not find it where?  The gui log is only going to show the last X number of entries.. No matter how big you make the file..

    Also when you adjusted your log size from the default 500 did you read the NOTE.. Where you have to clear for the new size to take effect..

    NOTE: Log sizes are changed the next time a log file is cleared or deleted. To immediately increase the size of the log files, first save the options to set the size, then clear all logs using the "Reset Log Files" option farther down this page.

    Setting log files to 10G would be ALL log files, not just the filter.log so you could run out of space setting them too big..

    Here I just modified mine to be 5MB in size each… After reset you can see in the dir they are all set to 5MB

    [2.4.2-RELEASE][root@sg4860.local.lan]/var/log: ls -lah
    total 88816
    drwxr-xr-x  6 root        wheel        1.0K Feb  7 14:00 .
    drwxr-xr-x  29 root        wheel        512B Jan 23 21:52 ..
    -rw-r--r--  1 root        wheel        42K Sep 17 20:05 bsdinstall_log
    -rw-------  1 root        wheel        4.8M Feb 16 13:30 dhcpd.log
    -rw-r--r--  1 root        wheel        9.7K Jan 11 14:45 dmesg.boot
    -rw-------  1 root        wheel        4.8M Feb 16 13:31 filter.log
    -rw-------  1 root        wheel        4.8M Feb 16 13:29 gateways.log
    -rw-r--r--  1 root        wheel        10K Jan 23 13:06 haproxy.log
    -rw-------  1 root        wheel        4.8M Feb 16 13:29 ipsec.log
    -rw-------  1 root        wheel        4.8M Feb 16 13:29 l2tps.log

    <snipped>

    In your system log settings what does it show you for space of your log files… Here is mine after I adjusted to 5MB size

    Disk space currently used by log files is: 94M Remaining disk space for log files: 20G

  • Networking puzzle Mac -> Windows

    1
    0 Votes
    1 Posts
    255 Views
    No one has replied
  • Squid Keeps Restarting

    2
    0 Votes
    2 Posts
    461 Views
    L

    Found something in the logs about the ICMP Pinger in Squid and then the service restarting.  Not sure how I didn't see this before.  Anyway, I have disabled that in the Squid settings and so far it hasn't restarted after 24 hours so, will keep an eye on it, check in a few more days and advise if that has resolved it.

  • OpenVPN failover with multi-WAN & CARP

    3
    0 Votes
    3 Posts
    403 Views
    S

    I have static public IPs, that's not the problem. The problem is that OpenVPN doesn't find the route "back" when the failover happened and the first OpenVPN server is down.

  • Issue about gateway Latency trouble on Backup CARP

    2
    0 Votes
    2 Posts
    345 Views
    H

    Looks like buffer bloat. I would recommend the Traffic Shaping forum. You could try enabling FairQ on your WAN interface and check the box on the child queue to enable Codel. This works well enough for most people. For now it gets more complicated quickly beyond this, but soon™ it may be as easy as a few check boxes to fix buffer bloat.

  • New to PFSense. Need Help ..

    11
    0 Votes
    11 Posts
    1k Views
    X

    I would at least unplug the cable modem for a few minutes or so.  You might need to call your ISP to make sure it is in bridge mode, sometimes they need to flag your account that it is in bridge mode.  You have to make sure your internet is working correctly before you go any further or you are just wasting your time.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.