You need to run some tests to see what's failing.

Try to place an incoming call, look for the SIP traffic from the PBX on the correct WAN.

If it's not there look on the incorrect WAN to see if it's sending it there.

If it doesn't arrive at all the phone is probably sending a bad IP for the PBX to connect to. Check the SIP registration packets to see that.
It would be surprising that audio works both ways if it is sending the wrong external IP though.

Steve

@NollipfSense said in log reading to find out why my fw crashed:

@jc1976 said in log reading to find out why my fw crashed:

hmmmmm i wonder if that's it.. could the squid cache overflow from all the downloads be causing the problem?

Sadly, it sounds more like a hardware issue...how is the hard-drive? If you're using Squid for the antivirus, I doubt it.

I'm sorry for getting back so late..

it couldn't have been a hardware issue as all has been fine since.. absolutely zero problems. it had something to do with setting up that linux box and running updates. no idea why.. and it was long enough ago that i don't remember it all, but after reading through my original post to the end where i wondered if it had something to do with the caching of updates and maybe the cache became full and it caused a kernel panic? no idea.. pfsense on that little dell has been so reliable that it almost works against me in that since there aren't any problems, there's no impetus for me to learn how to decipher the logs..

anywho, i ended up going a different route with building my media server, using win10 ltsc IoT because the various applications i was going to be running, that was just a better route to go over debian. (sonarr/radarr/lidarr/nzbget, handbrake & makemkv, and plex server are all first and foremost made to run on windows)..

just wish i knew how to read the logs..

@pfsjap BTW for Snort you should read https://forum.netgate.com/topic/180501/snort-v3/6 and consider Suricata.

"At some point in the future I expect the upstream Snort team will cease development work on Snort 2.9.x (the version currently in pfSense). At that point, unless someone has stepped up and created a Snort3 package, Snort will die on pfSense."

Yes, after looking into those tokens I see there is in fact a 'duration' value for tokens and it's 365 days.

So if a redmine is required here it's for documentation. If it's not shown anywhere it should be.

Not something I've seen before, thanks for pointing it out.

Steve

We have considered changing it many times but at this point it would likely cause more confusion than it would solve. POLA applies. 😉

Mmmm standby hardware is a comforting thing to have in such moments IMO. Yes it will always be slightly behind whatever the failed unit was but as long as it's kept vaguely current you can always update it and restore the current config to it. I have done that myself in exactly this situation.
But, yes, the NDI will be different so both boxes would need to be registered ideally.

@darren200701

No issues on latest Ventura developer beta.

If you are still having issues, Stuffit Expander is available from the Mac App Store

Yeah, if you have a CPU that supports SpeedShift it probably will be running faster/hotter with the default values than when using SpeedStep tuned to reduce power consumption.

@Gomo said in pfSense inpath DPI / setup question:

pfSense transparent bridge

Didn't even entered my mind...thanks for sharing.

@michmoor Yes, we see what you are seeing (but with our group names). We also added and removed groups in LDAP and saw those changes reflected immediately in the Diagnostics > Authentication page you show.

We have been successfully logging in with our LDAP accounts for months, and it just quit working one day. We checked group names in the pfSense to make sure they were still matching the group names in the LDAP server.

Nothing seems to work. Maybe we need to delete / recreate the group on the pfSense side, just to make sure it is processing correctly? But that seems like blindly changing things for no reason until it works, so we don't want to do that.

@menethoran said in setup new non-active (yet) pfsense machine on network with working pfsense:

I WILL be replacing one with the other, but I want to have the new one as set up as possible before switching.

The way to do that is to download the config file and use it to get started with the new system. However, you will likely have to reconfigure the interfaces to match the old system. You can do that from the console, using ssh.

@SteveITS said in pfBlockerNG - Blocking a domain:

does your log show an error it's trying to update the empty source?

No errors here when updating or reloading.

@stephenw10,

Well I am using the TFTP server and PXE to boot iPXE. Once iPXE takes over I want to use it to "sanboot" an ISO, but that requires the ISO to be made available via HTTP.

It seems like the best thing is going to be for me to just install an HTTP server on a VM or in a container for that purpose, I was trying to avoid that and let pfSense do it, but I see it probably just cannot be. I was hoping pfSense could serve it up, but no problem I'll just setup a container to do it.

Stuart

That is pretty small.

We have to do some odd tricks to parse the lease file since the format used by ISC isn't very friendly to parsers. It's possible there is something in the lease data that is making the parser fall into an infinite loop. Probably something in one of the uid or client-hostname lines, but uid is much more likely to contain something problematic.

@stephenw10 Thank you. I know I have eyes on it now... but every entry helps.

@jimp said in Modify a widget?:

While there are no plans I'm aware of to add that, given the functionality that's already there, it may not be terribly hard for someone to add and make a PR to do.

True, it looks quite nice, not been through the imports yet though. Will be something to figure for a rainy day perhaps. Thanks :)

@Jarei said in pfsense+ upgrade from 22.05 to 23.01 causes kernel panic:

well the good news is changing that problem card solved the problem running 23.01 atm had zfs saved snapshot so could test it quickly

now my license does not work anymore so can't upgrade to 23.05 like yay think i'll move my shit over to something else

just by changing 1 network card license is void
this just plain sucks :(

Are you seriously complaining about a free license that didn't cost you a single dime? Feel free to "move your ****" to another firewall platform.

Yup, if anyone can tell you what the expected behaviour of the AT&T router is it's the guys in that thread. 😉

Hi people, my NIC arrived and it's running so fine. Love it!

Will buy a Netgate 2100 in the future for the low running cost of 5W only!

fada4b50-67bd-45b0-9a3e-52815b36895e-image.png

@SteveITS

Yep it has I believe 3 modes and one of those is AP.

I will do some testing and report back but could be a while as I am not at home due to personal circumstances but will report back.

That option to place the AP there is a really great one as it also frees up a port on the Pfsense SG-1100 (I ordered one before I came to this forum, if I knew then what I know I would have ordered a 2100 😂😉