By the way if anyone needs to know a hard reset for any modem or router the 30-30-30 way works perfect. Powered on hold and continue to hold reset for 30secs, unplug power while still holding reset button, wait 30 secs holding button still, plug it back in while still holding reset and wait 30 more seconds while still holding reset. Then let go and it will default all settings.

I would also try pinging out from the console to be sure the firewall itself has connectivity.

@jonatremoteeyes

Have you simply tried reaching out to xvpn support and ask them for a either a list of IPs they use or a CIDR block they own?

https://xvpn.io/help-center/how-to-choose-the-right-vpn-server-location

###### If you have more specific needs, such as a server that is better suited for downloading content, please contact us or write to support@xvpn.io and we will provide you with a recommendation for a targeted solution.

I would look in notices.inc and gateways.inc for where the emails are triggered.

That won't help with log errors from dpinger though

If you have the ID you can just search the ruleset for it:

[25.03-BETA][root@fw1.stevew.lan]/root: pfctl -vsr | grep 1736810441 pass in log quick on mvneta0 inet proto tcp from <LAN__NETWORK> to 208.123.73.69 flags S/SA keep state (if-bound) label "USER_RULE: Connections to ews" label "id:1736810441" ridentifier 1736810441

Or if you have the ID you likely have the rule number like:
Screenshot from 2025-03-31 22-45-14.png

In which case you can use the rules view in Diag > pftop

@viragomann
Thanks for your help. I got it working. It was another noob error. I was crating rules for the UDM LAN not the UDM GW... wonder why I couldn't reach the GW. ;)

Thanks again.

Ah, yes indeed that could well have contributed at least. Still shouldn't have thrown an error though. 🤔

@Gblenn

Yep TrueNas is using ZFS and a big ram cache, however the NVME-SSD should be ... fast enough to write 10G ... I think & hope. However I must admit that SSD's are not by far as fast as advertised if you are writing larger amounts of data ..

It is a 4TB WD_BLACK SN850X not the worst ssd ....

@Mission-Ghost said in Using RAMdisks for /tmp and /var - Traffic Totals gone after power loss - Which setting to choose to write to disk?:

@stephenw10 this is inauspicious--aka--kicking the can down the road...again and again...from the redmine bug:

Updated by Jim Pingle about 1 year ago Plus Target Version changed from 24.03 to 24.07 #5 Updated by Jim Pingle 10 months ago Plus Target Version changed from 24.07 to 24.08 #6 Updated by Jim Pingle 6 months ago Plus Target Version changed from 24.08 to 24.11 #7 Updated by Jim Pingle 6 months ago Plus Target Version changed from 24.11 to 25.01 #8 Updated by Jim Pingle 4 months ago Plus Target Version changed from 25.01 to 25.03 #9 Updated by Jim Pingle about 2 months ago Plus Target Version changed from 25.03 to 25.07

I found no caveats in the manual about traffic totals being incompatible with ram disk, so I tried ram disk in attempt to further mitigate SSD wear in my 4200...only to have it fill up, blow up, and lock up the router requiring a hard reboot. Niiice.

So I turned it off, but this would be a nice fix. But the history isn't supporting it even showing up in 25.07...

Thanks for the thread bump. I'm relieved I'm not the only person who's noticed this. I wonder if there is just a development staffing shortage, because even in the forums there's silence.

Are there any how-to guides on getting started with pfSense development? I have the GitHub repo starred. I just don't have a clue how to set up a development environment to be able to tackle some bugs myself.

Thanks for the contributions, all. We ended up switching between authentication settings (from LDAP to local) and then back (from local to LDAP), and that seemed to fix the problem.

@stephenw10 Success. I only tested as far as error messages in the logs.

It should be noted both earlier and later patches need to be applied in order. I was initially under the understanding the later just needs to be applied by itself.

8286c27ca678dbada2d205f606e76fab48885f60

f51505bf15e7af39c909d63356089d5e247cf781

You must have a firewall rule allowing it since all traffic inbound is blocked by default.

So check the WAN firewall rules. If there's nothing there check for interface groups or floating rules.

Post some screenshots if you're unsure.

Edit: Ooops hit post after like 2hrs. 🙄

@patient0 Thanks for your help, believe me I looked and looked for a long time before I asked!

Only when I found the rule, well when I deteted it did I recall making that booboo.

Thanks again for the help! Very much appreciated!

Done. Thank you both very much! I thought so but I wanted to make sure.

@stephenw10 Got it. Thanks for the guidance!!!

You created a SWAP partiton on a memory disk? That seems counter-productive!

Do you see an error at boot when it runs the shellcmd?

Hmm, might need to wait for another crash and see if it's identical. The only previous time we've seen this it was a one time incidents and we never found a cause.

@Cabledude

My 5 cents :

Is it always good to update pfSense?

Yes, it is.
That is : do not update / upgrade the moment it comes out.
Take your phone, set a rdv at 'now' + 2 weeks.
During these two weeks, look at all the forum message that talk about this new version.
If issues are mentioned, like "FreeRadius plays hardball with the new PEAP protocol when using vlan and radius capable access points" then you know : that issue won't concern you.
If it says : "the DHCP client on WAN doesn't work anymore" then you now there's a show stopper out there, and you change de rdv set to "2 weeks" and make that "1 month" and you go back to normal live for the rest of the month.

When you use the same version as everybody else, you have one huge advantage : if you find an issue, you can't be the first one that found this issue. So ... your issue is already handled and answered on the forum.
Issues can't survive if hundreds of thousands of user have the same issue : they get dealt with.

If you use pfSense Plus, you have ZFS, live gets even easier on you : create a new boot environment, boot into it, and then upgrade. Something doesn't please you and you have no time dealing with it on the spot : boot back into the previous environment and call it a day, deal with it later. "Let the forum tell you later what to do".
The ZFS file system allows me to use the Beta versions, which is normally a big no-no if pfSense is used in a production environment** as I know I can get back to a working condition the time it takes to reboot, 60 seconds or so ?!

I would the contrary is valid : if you have enough expertise, enough time to lose, you feel right at home at the command line, editing a script file here, patch something else there, you know the basics of the OS used (FreeBSD), you control the sate of your router regulatory, always on the look out the event in the system logs that is 'new' or 'strange', then, yeah, you might be qualified for the "I don't upgrade' option.
Guess what ? Experts and the ones who know what they are doing, don't do this 😊

** or a simple 'home' setup and you have 15 years old as network clients, then using the Beta version can condemn you to sleep in the dog house.

@Finger79 said in pfSense Community Edition EoL? 2.7.2-RELEASE (amd64):

I still have my OG pfSense "open source security" t-shirt

Me too. 😁