@McMurphy Excellent, glad it worked. @stephenw10 was of course right on the money too, and faster then me :).

Thank you all for your comments.

Not sure what I did, but Firefox stopped complaining.

You can speed up mounting root by changing the value of kern.cam.boot_delay in a custom loader value. But some systems require that delay to allow the root device to become active.

The WAN setup should be quick unless it's waiting for something. Usually that's DHCP but not if it's set static. Do you have it set to dhcpv6 with no v6 server present perhaps?

@andrerochedo Thank you

You can try to resolve those fqdns as an alias and use that in policy routing. However there's a good chance they resolve to numerous IP addresses. Especially for something like that where anonymising the traffic may be important. They may6 not respond to ping but they do resolve. YMMV!

@stephenw10 just saw that thx,
"By default, the M.2 SATA drive will then be the first drive recognized by pfSense" that's good :)
Thanks for your help!

@stephenw10
Thanks for looking at this and helping me out, when i restarted the states, and toggled some firewall rules after testing with packet capture, it just randomly started working.

ive rebooted a couple times and changed things around and it seems to be good for now, not sure what caused the issue however, but i think i should be good now.

Thank you again for the help.

@stephenw10 said in VM access in LAN pfsense from home network:

add the routes to the Orange Pi directly

Okay, thanks for the idea. initially, I tried to add a path to the router itself, but I did not find such an opportunity. I'll try your idea tomorrow. Thanks for the quick replies, have a nice evening!)

@stephenw10 said in Pfsense 2.6 : Google Map picks last known location:

in some database somewhere

multiple dbs I am sure.. There are a few public ones you can use as an example

https://wigle.net/

It is an interesting problem sure - but its not pfsesnse manipulating your location info ;) I wish it was that simple - then I could easy use my pc for making bets vs having to do it on my phone ;)

Back on Plus - thank you @stephenw10.

Given I do not really mess with my firewall much, this should be stable for a while as long as I do not change any hardware. It would be neat if the NDI did not change with simple hardware changes. I get it, but man alive, I hope I never have to change anything. Time will tell.

Cheers,

@xmacj Perhaps the remote side didn't like something about your original ip address.

I have an ecobee premium (upgraded by ecobee due to wifi issues on a ecobee 3 lite - data drop outs, morse code).

No wifi issues (it's bound to 2.4ghz band). But it does like to phone home to amazon every 50s. None of the amazon features are enabled, but it still insists.

To mitigate this, 2 different measures are in place. On the dns side, only requests to *.ecobee.com are resolved (adguard home). All others return 0.0.0.0 .

On the pfsense side, amazon asn is blocked for this device just in case the dns filters are off (sometimes happens during testing).

@alfredo IIRC this is a FreeBSD issue. I get similar error on my FreeBSD machines in ESXi 7. Does not happen very often but a few times daily. Has never caused any real issues.

Have you tried changing the VMware SCSI controller to LSI SAS instead of VMware Paravirtual? I have read that this can help. I have done so and the LSI SAS machine still has some of these errors.

Cheers,

@stephenw10, that's what i was hoping for! thank you!

@SteveITS I did a cold boot and the serial connection is working now. I was trying serial post boot prior to this and that did not work.

I am good now.

Thank you @patient0 and @SteveITS

@phil-davis said in Traffic Graphc statistics are backwards for LAN interface:

It has always been like that. The graph is with respect to the pfSense interface - so download traffic goes OUT LAN.
The table of clients is with respect to the client - download traffic is IN to the client.
It needs to be this way, because the clients in the table can also be systems out on the public internet (selecting to show "Remote" or "All"). And in that case it looks sensible that the table shows bandwidth out of some public IP and bandwidth in to some LAN client.

Just quoting this comment because, despite being a nearly 10 year old thread, this is the comment that made it click in my head. I had no idea why the graphs worked this way until Phil explained it. Thank you!

@stephenw10 Tried the FreeBSD 15 snapshot 20250227 and it behaves the same way.