Thanks all for replies; I'm planning to do a test setting up another PFSense 2.5.2 in same VMWare environment. With same packages and same configurations (importing them). Then I uninistall packages like Snort and NtopNG, and I'll do upgrade to 2.6 version to verify the behavior.

As my actual PFSense manages 6 public IPs (set as Virtual IPs on WAN interface) it's not so quick "move" them from a PFSense to another one.

@jarhead

That worked perfect! Thank you very much!

@stephenw10 I guess there is VLAN configured because I didn't need to set it on the pfsense

@stephenw10 said in SG 6100 Lan Ports Intermittent connection:

So you have not seen that issue again in 22.05?

Yes.

If it does happen again check the logs. If you can still access the pfSense webgui it's not an issue with the LAN ports specifically but probably either DNS or something with multiwan.

Ok noted.

Thanks much steve for this insight of yours.

Not in pfSense. You would need to do that at the switch with 802.1x.

Steve

It will work with DCO if you're able to try that. That using the kernel crypto framework and the QAT driver is available there.

Steve

The only way to address that is using very low TTL values and there is no way to set that in pfSense. Even with that it's not difficult to workaround it at the client by simply setting the TTL values there.

Steve

@stephenw10 Just glad this has been sorted out :)
So for future me when i forget how I did this... "add 0.0.0.0/0 to the allowedIP" section to have dynamic routing, route traffic over the tunnel.

@johnpoz said in Is ISP blocking all ports?:

did you send them your test results showing clearly ports not getting to your device when using the static

I sent them detailed reports with very specific comments about what did and did not work.

I was told it was escalated to level 2, but never was able to talk to a tech who seemed to have a clue. The common response was "we set up the modem/router correctly, it should work", despite the fact that each tech said that the last one didn't quite get it right.

I never did speak to anyone (or hear second-hand) at the ISP who acknowledged that there really was a problem.

It was all rather frustrating! I finally told my client that I didn't see us getting it resolved with that ISP.

Mmm, not familiar to me. Let me see if any one else has seen it....

@stsc_srzc_de Try the "RFC 2136 Clients". Also you could disable ULA in Fritzbox.

Yes, I would expect them to have been removed when the packages were uninstalled.

If you restored a config later it might have had those crontab entries but been unable to install the package for some reason. That would result in what you saw.

Steve

@stephenw10 You sir are a gentleman and a scholar, I have nothing but my thanks for you. Cheers!

@stephenw10 Yes

@stephenw10

Well, I don't know what it could be. Thank you for your help.

Hmm, odd. I'm not aware of any issues that present like that. Glad you were able to resolve it anyway.

@stephenw10 said in Confused about rule:

The rule number to rule description is created when the logs are viewed and that can change.

Yeah I was thinking the same thing at first - but then he showed his actual rules and the IDs were the same - very strange.

@stevemac00 I just pushed an update that adds some features. Give it a try when you can.

You can operate on rule(s) based on description now, as well as specify multiple ruleIDs as a comma separated parameter for batch operations. If >1 rule matches a description, they will be actioned as a group. Changes are output at the console as well as logged to the GUI > System Log.