One more :
    Flawless IPv6 support …..

Dude is your client pointing to pfsense for dns??  if you have forwarder enabled in resolver it will forward to where you tell it to forward.. If your using the forwarder then it will forward to where you set it to forward..

If your client is not pointing to pfsense doesn't matter how you set pfsense up..

Please post up your setting in pfsense, and your settings in your client showing what dns its using.. simple ipconfig /all in windows machine.

Here took all of couple seconds to switch over and test this.. See attached.. Make sure you clear your browser cache and your machines local dns cache.. Reboot the machine if you do not know how to do that..

If you do not disable dnssec and you forward to opendns your prob not going to get anything back since they do not support dnssec..  That should be disabled if forwarding to opendns.  See screenshot.

forwardusingresolver.png
forwardusingresolver.png_thumb

from what you are trying to do you can just setup a vm with openvpn AS (it comes as a VM appliance ) and just vpn from your pc to it and than use opendns to filter traffic by categories or lists.

Regardless of any disk mirroring you have in place, ZFS or GMIRROR, the remote site should always have ready access to a USB installer memory stick/CD for the version they are running and access to a current configuration backup, via Auto-Config Backup or another method.

Just a hunch, manually set your interface speeds on both ends. Also check your interface statistics to see if there is more than the expected traffic.

Even with DD-WRT those little boxes just freak out when overloaded or the PHY starts misbehaving.

That's why I'll never, ever buy a BMW.  8)

Yeah. That's item #6 here:

https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

The port 80 redirect to the web gui works completely differently for NAT reflection than with a port forward.

Hi!

Sorry for late reply.

No shaping whatsoever.

I upgraded to 2.4.2, and the crashes stopped. But suddenly i had a crash again three days ago. I think i'm just going to do a fresh install.

Regards

Tommy

The most likely reason for the blocking to continue even after the rule is suppressed or disabled is that you had two instances of Snort running on the same interface, but one is in a sort of zombie state and does not see changes made within the GUI.  That process would continue with the original rules in place.  Rebooting the firewall will of course kill everything and start from scratch.  There should be only a single Snort process running on each configured interface.  You can check that using this command line:

Sometimes multiple copies of Snort can happen if something causes the firewall to issue a "restart all packages" command while another Snort restart is already in progress (such as a rule update download).  Another way to get multiple Snort copies running on the same interface is using the Service Watchdog package.  Never use that package with either Snort or Suricata!.  It does not understand how to properly start Snort and Suricata, nor does it know how to properly monitor all the configured interfaces.  It will see Snort "down" during the restart from a rules update and thus issue its own "start up" command without knowing that Snort is already restarting.  Thus you can wind up with two Snort instances running on the same interface, but only one of them will respond to GUI changes.

Bill

I just looked at the relayd conf man page and found this:

https://man.openbsd.org/relayd.conf.5#PROTOCOLS

Does that answer your question?

The looks like an Akamai CDN error page.

https://community.akamai.com/community/cloud-security/blog/2016/04/07/why-is-akamai-blocking-me

You will be able to download the image once it's ready.

Hi,

I managed to create multi ssid with my asus wireless router in AP mode with one VLAN bridged to the VAP. The two LAN devices attached to the wlan router are in static ip in my case 10.0.10.20 and 10.0.10.30 but I cannot still connect to the internet somehow. so is it better to invest into smart router and put it in between?

Yes after looking into it some more, I can see it is obvious that OpenVPN is the right way to go.

Thanks for the replies.

makes sense now that you have told me :) thanks Bud