• Bandwidth problems between sites

    39
    0 Votes
    39 Posts
    4k Views
    stephenw10S

    Well if you can do a test to make sure it will actually solve the problem first that may be worth it then.

  • Broken packages no updates available 22.05-RELEASE

    Moved
    11
    0 Votes
    11 Posts
    746 Views
    M

    @stephenw10 Thanks Steve! Everything is ok now. I've built a new image and restored my backup. Yeah you were right guys, it took at least 40 min to reinstall and update packages in the background. I wish I can monitor all background processes, to be able to understand what is happening behind the scene.

  • pfsense "vm_fault: pager read error

    2
    0 Votes
    2 Posts
    384 Views
    stephenw10S

    @brianmaimo said in pfsense "vm_fault: pager read error:

    vm_fault: pager read

    That's a very generic error. Do you have a crash report?

    Any other errors logged?

    Steve

  • Ubuntu and Pfsense connectivity issues

    8
    0 Votes
    8 Posts
    2k Views
    stephenw10S

    Yes, I would definitely recommend that. If only because that's how virtually all networks with VLANs are setup and if you do something unusual like that you will hit unusual problems!
    Really the only reason to trunk tagged VLANs to a host is so that host can access multiple VLANs. So you might do that for a VM server or an access point with multiple SSIDs.

    Steve

  • Certain destinations unreachable

    6
    0 Votes
    6 Posts
    704 Views
    stephenw10S

    Hmm, yeah seems odd.
    Maybe you can whitelist your IP (or dyndns name) to prevent it.

    Steve

  • dpinger exiting on signal 15

    Moved
    6
    0 Votes
    6 Posts
    5k Views
    stephenw10S

    That can happen certainly if an assigned interface changes state. That can trigger a whole number of things depending on what is installed or configured. Generally though it shouldn't be a problem. The logs you see there are not a cause for concern by themselves.

    Steve

  • 0 Votes
    3 Posts
    723 Views
    stephenw10S

    Yeah just do that.
    It is possible to disable the pkg reinstall process but not in any easy way. For example if you interrupt the boot and go into single user mode you can remove the 'needs_package_sync' file from /conf. If you're running ZFS that's a bit involved but possible.

    https://docs.netgate.com/pfsense/en/latest/troubleshooting/single-user-mode.html#single-user-mode-zfs

    You could probably also comment out the check in rc.bootup but that's likely more error prone.

    Steve

  • Problem with traffic after upgrade 2.5.2 to 2.6.0

    6
    0 Votes
    6 Posts
    732 Views
    P

    @stephenw10 Thank You, i got it :)

  • DNS Resolver doesn't work with my university domain.

    60
    0 Votes
    60 Posts
    11k Views
    johnpozJ

    @gertjan said in DNS Resolver doesn't work with my university domain.:

    I would like to understand what the reason for the ISP is to block this port 123.

    While I agree it low bandwidth, but it is also a common amplification tool via for one that old monlist command, but pretty sure that was disabled many versions ago to prevent that attack vector.

    But maybe they are just playing it safe because not like users keep their stuff updated all the time.. Look at here where they are still running like 2.3 versions of pfsense..

    They could do it a different way to allow for source 123 to be answered, with yeah a stateful firewall. so if one of there users asks some ntp server with source port 123 that is allowed, but nonstateful traffic inbound to 123 would be denied. While sure udp is not really a stateful protocol, most firewalls do keep track of the state.

    But that would be more work for them so they most likely just go the easy route. And don't monitor state of the users traffic and just block all inbound to their network on 123..

  • 0 Votes
    3 Posts
    316 Views
    stephenw10S

    Mmm, really you should be using some other type of authentication for that sort of connection.

    Steve

  • pfsense concerns that I've read

    12
    0 Votes
    12 Posts
    2k Views
    G

    @pwood999 that’s the point I was making. Terrorism, organized crime, espionage…but not basement dwelling hentai watchers. The level of paranoia some people have is nuts. It you want to truly be safe, don’t use anything electronic. Ever.

  • 2.5.2 Crashing Every Few Weeks

    6
    0 Votes
    6 Posts
    600 Views
    stephenw10S

    Hmm, the only thing this looks like is an issue we had before 2.5.2 was released where pfctl was bogging and exhausting the RAM triggering a panic in ZFS. But to trigger that we had to deliberately use very low memory systems and this has 32GB so.... that seems unlikely!

    However check the memory usage history in Status > Monitoring.

  • Lost Admin Password

    8
    0 Votes
    8 Posts
    833 Views
    B

    @stephenw10 @andyrh Yes, you are right. I need to set things up so that I can get in when/if something like this happens again.

    Thanks for you help.

  • Epyc 3251 and Wireguard

    3
    0 Votes
    3 Posts
    301 Views
    johnpozJ

    @jarhead thanks - deleted it, but you can just click the little 3 dots in the bottom right corner and flag the post next time.

  • Any chance to import cert/key from backup .xml?

    6
    0 Votes
    6 Posts
    694 Views
    S

    @stephenw10

    thank you Steve, that was the problem!

    Simply decode under Linux:

    cat certb64 | base64 -d > cert cat keyb64 | base64 -d > key
  • pfsense 2.6.0 with hp t620 plus + 10gbe nic

    2
    0 Votes
    2 Posts
    671 Views
    stephenw10S

    What CPU is that?

    You are testing directly to iperf running on pfSense? That will always be worse than testing through it. You can see in that video he's testing through the firewall and a completely different NIC type.

    Steve

  • Crash report

    24
    1 Votes
    24 Posts
    2k Views
    stephenw10S

    2.4.5? Any reason you're not running 2.52 or 2.6?

    What crash are you actually seeing?
    supervisor read instruction, page not present could be any number of things.

    Steve

  • Epyc 3251 and Wireguard

    50
    0 Votes
    50 Posts
    8k Views
    stephenw10S

    Yeah, that's.... interesting. Good to find though!

    Also I'd argue it's Chelsio that hates Wireguard. 😉
    Though I'm not sure if that's more unexpected.

    Steve

  • Firewall schedule

    4
    0 Votes
    4 Posts
    607 Views
    M

    @stephenw10 Yep i figured out how the scheduling works. GUI isnt clear (at least to me) how to do a daily schedule or a monthly scedule. Months are presented so it feels like its implied that if you want to have a rule active only on the weekends, you need to select every weekend on every month but you actually dont. Documentation is not clear on this front either but nevertheless reviewing the xml stanza made everything make sense.
    Thanks Steve !

  • Influxdb v2

    3
    0 Votes
    3 Posts
    369 Views
    M

    @morgion thank you. Still some issues pending 😢

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.