@Justin7
Yes well that will not work since you have your TPLink connected on the LAN port (as an AP only). The parental control function requires traffic to go out on Internet via it's firewall. This you can do whilst maintaining pfsense as the main firewall but it means double NATing...

What type of control are you trying to enforce? If it's access to specific sites or applications you could take a look at AdGuard Home. Then you go back to using pfsense as the DHCP server and hand out the IP of AdGuard as your DNS. And change the TPLink into a simple AP... I'm sure you can use some of the access control functions still. Perhaps schedule wifi access??

But in AdGuard you can set and block not just Ad's, malicious sites etc, but a whole range of applications as well. The App blocking is very simple to use with a nice UI and then the ability to set a schedule for the blocking.

Then there is pfBlockerNG as a plugin for pfsense.

@Gertjan

The "old" pfSense-CE-memstick-2.7.2-RELEASE-amd64.img.gz worked! I'm now up and running on my new hardware with a 10Gbps WAN connection... swoosh! 🚀

Thanks for the quick and great support!

Lesson learned: Always perform a clean barebone install using the legacy USB installer, then restore the backup, reconfigure the WAN/LAN NICs, reinstall packages, and restart.

@jonatremoteeyes

Have you simply tried reaching out to xvpn support and ask them for a either a list of IPs they use or a CIDR block they own?

https://xvpn.io/help-center/how-to-choose-the-right-vpn-server-location

###### If you have more specific needs, such as a server that is better suited for downloading content, please contact us or write to support@xvpn.io and we will provide you with a recommendation for a targeted solution.

I would look in notices.inc and gateways.inc for where the emails are triggered.

That won't help with log errors from dpinger though

If you have the ID you can just search the ruleset for it:

[25.03-BETA][root@fw1.stevew.lan]/root: pfctl -vsr | grep 1736810441 pass in log quick on mvneta0 inet proto tcp from <LAN__NETWORK> to 208.123.73.69 flags S/SA keep state (if-bound) label "USER_RULE: Connections to ews" label "id:1736810441" ridentifier 1736810441

Or if you have the ID you likely have the rule number like:
Screenshot from 2025-03-31 22-45-14.png

In which case you can use the rules view in Diag > pftop

@viragomann
Thanks for your help. I got it working. It was another noob error. I was crating rules for the UDM LAN not the UDM GW... wonder why I couldn't reach the GW. ;)

Thanks again.

Ah, yes indeed that could well have contributed at least. Still shouldn't have thrown an error though. 🤔

@Gblenn

Yep TrueNas is using ZFS and a big ram cache, however the NVME-SSD should be ... fast enough to write 10G ... I think & hope. However I must admit that SSD's are not by far as fast as advertised if you are writing larger amounts of data ..

It is a 4TB WD_BLACK SN850X not the worst ssd ....

Thanks for the contributions, all. We ended up switching between authentication settings (from LDAP to local) and then back (from local to LDAP), and that seemed to fix the problem.

@stephenw10 Success. I only tested as far as error messages in the logs.

It should be noted both earlier and later patches need to be applied in order. I was initially under the understanding the later just needs to be applied by itself.

8286c27ca678dbada2d205f606e76fab48885f60

f51505bf15e7af39c909d63356089d5e247cf781

You must have a firewall rule allowing it since all traffic inbound is blocked by default.

So check the WAN firewall rules. If there's nothing there check for interface groups or floating rules.

Post some screenshots if you're unsure.

Edit: Ooops hit post after like 2hrs. 🙄

@patient0 Thanks for your help, believe me I looked and looked for a long time before I asked!

Only when I found the rule, well when I deteted it did I recall making that booboo.

Thanks again for the help! Very much appreciated!

Done. Thank you both very much! I thought so but I wanted to make sure.

@stephenw10 Got it. Thanks for the guidance!!!

You created a SWAP partiton on a memory disk? That seems counter-productive!

Do you see an error at boot when it runs the shellcmd?

Hmm, might need to wait for another crash and see if it's identical. The only previous time we've seen this it was a one time incidents and we never found a cause.

@Finger79 said in pfSense Community Edition EoL? 2.7.2-RELEASE (amd64):

I still have my OG pfSense "open source security" t-shirt

Me too. 😁

Yes it's better in 25.03