When you restore a backup, there's a drop-down list that lets you select which area of the backup you want to restore. By default it's set to ALL, so you will need to change it to just the area you want to restore.

First: I know it's not good to use USB NICs and yes, currently I'm still using it. Just want to share some more experiences. So I searched on Google and found this post https://forum.pfsense.org/index.php?topic=13014.msg70145#msg70145 https://forum.pfsense.org/index.php?topic=13014.msg70145#msg70145 As GruensFroeschli said: 1: Well it depends on your setup. If your client can handle oversized frames you should not have to change the MTU. If the driver of your em-NIC's cannot handle oversized frames, you would have to change the MTU on the other side of the link, so no oversized frames arrive at your end. 2: The problem is, that VLAN-tags add 4bytes to every frame. –> frames can become bigger than the allowed maximum. Most drivers can handle this, but some have problems. And some more about vlan and MTU: http://www.microhowto.info/tutorials/802.1q.html http://www.microhowto.info/tutorials/802.1q.html http://wiki.mikrotik.com/wiki/Manual:Interface/VLAN So following this logic, I thought I will need to increase MTU size then. I tried these steps, now VLANs with 1500 MTU works. 1. Enable Jumbo Packet for that LAN USB NIC on physical host not in virtual machine Windows in my case, and set maximum size to 4KB (I guess 2KB or 9KB etc. will work as well, see above links for WHY) (Most Intel NIC supports 9KB, but 4KB is enough for solving this problem though, will be a problem if you need to transfer big files between VLANs where all Intel NICs on PCs support 9KB but the LAN NIC on pfSense only support 4KB maximum, but that is not in this scope though.) 2. Set the actual LAN MTU to 4000 (Or anything greater than 1518) in pfSense. (All VLANs are virtual interfaces created on LAN interface in pfSense) So only 1 physical cable for LAN and all VLANs 3. Then set MTU for all VLAN interfaces in pfsense to 1500. Now all VLANs working with 1500 MTU, For Internet, captive portal web page and web page hosted inside the LAN or VLANs. (Previously, Internet works, but can't get on captive portal page which hosted on pfSense, and can't get on web page which hosted in in LAN hosts.) ;)

Yes, this is very possible. At current, I have it enabled on my box. One wan (plugged into the motherboard) and two lans (using a dual port NIC) What I did was: 1.) Go to "Interfaces / OPT1" 2.) Set IPv4 config type as "Static IPv4" Leave everything else alone in that section 3.) Scroll down a little and give opt1 a static IP. Something like 192.168.2.1 4.) Leave both of the boxes in "Reserved networks" unchecked 5.) Click save 6.) Go to "Services / DHCP Server / 7.) Click "OPT1" 8.) Check "Enable" under "General Options" 9.) Change the range to "(From) 192.168.2.2" "(To) 192.168.2.254" Now, plug in your OPT1 to your pc or something, and you're good to go. (at least you should be) [EDIT] (also, make sure you have the "allow all traffic" rule enabled in OPT1. You can customize it to your liking, but this is just to be sure that it works.)

@KOM: You have to type 124 on the keypad, believe it or not, instead of using the numbers above your letters. Thanks but I know that and that does not work either. There seems to be a problem with ESXI since I am using the webinterface for ESXI and when trying to make a pipe on the computer I am using to connect to the webinterface it works, both the symbol (in my case ALT GR + the key to the right of my left "Shift" button) and the alt-code ALT+124 on the numpad. :( Edit: Solved this by enabling "Secure Shell" (option 14) and then used my SSH client to run the command and then all the characters worked (or at least copy-paste).

I just send xinetd logging to ntp.log (tried to send it to his own log just in case, but couldn't). It's probably not a permanent solution, i guess syslog.conf file will be rewritten on reboot. Just change this two lines on /etc/syslog.conf and restart the syslogd service !ntp,ntpd,ntpdate,xinetd … !-xinetd,ntp,ntpd,ntpdate,charon,ipsec_starter,openvpn,….

There is also an option under System > General Setup to make that panel open by default, if you prefer.

Thanks for your help guys.

On which pages specifically? And did it work in 2.2.x? The entire UI was rewritten between 2.2 and 2.3, some pages may have just been missed when sorting was added back in. Others may not sort for a reason. Usually configuration pages won't sort because the order is meaningful, but status pages will sort.

I can also suggest to never use the admin account as VPN authentication. Sounds a bit paranoid, but why not.

Lightsquid generates reports based on squid's access.log. It's a package.  Install it.

Thank you very much. It showed that the mongod was hanging. It’s part of the UniFi controller running on my pfSense as well. Until now there was no problem with that. Now ipsec is running but no IPv6 traffic. Any further advice?

You're using limiters, not actual interface shaping. I have no experience with limiters, but a common issue is the IP mask used. You may be creating a limiter PER CONNECTION. If you want to shape the entire interface, use shaping, not limiters.

I haven't seen that one before, but it would appear at a glance to be crashing in handling of SCTP on IPv6. Are you actually using anything like that or allowing it through the firewall?