@pete35 Solved, it is caused by wrong routing.

@stephenw10 said in Migrating to ZFS with 2.6.0 - A Couple Questions: Yes, you could use the config recovery process like that but I prefer to use either of that USB based config import methods listed there. Whatever you do make sure you've backed up the config first. Steve Performed the migration from UFS to ZFS tonight and everything went well! I did choose the "Recover config.xml" option during on the install menu, but it goes by so fast that I couldn't really tell whether it had worked correctly or not. Took the gamble and proceeded with the install anyway since I had made additional backups. In less than 5 minutes everything had completed and pfSense was booting and applying my prior configuration. Package re-installation overall went well also, however I had to manually reinstall both the OpenVPN Client Export and Nut packages (their configurations were kept fully intact though). Overall I'm really impressed with the robustness of the restore process: The last time I performed a fresh install of pfSense on this particular system was in early 2017 and there were no issues whatsoever restoring the configuration almost 5 years later after going through multiple pfSense version upgrade cycles. I also decided to move forward with the migration to pfsense Plus - both systems are now happily humming along on 22.01. Thanks again for all your help.

@gelcom I was just researching Wireguard and had just finished Tom Lawrence's tutorial on it. He's got 3 firewall rules (Firewall > Rules > Wireguard, Firewall > Rules > WAN and Firewall > NAT > Outbound) and you only mention 2 (that I can see). In case it helps, here's where he starts talking about the rules: https://youtu.be/8jQ5UE_7xds?t=365

@stephenw10 I cant recall changing it but at least I understand how this section works now. Ive backed up my config. Next I move onto mounting my hardware property and then vpn .

Well that might be all you can do then if you can't use whatever is coming into their router directly. Clearly other users are doing that since there are numerous instructions floating about like the one I linked to. Might be service dependent though. Steve

@raven20 I guess I should have read the release notes. "RAM disks have been converted to tmpfs." So it is working as it should. Thanks for the screen shot, it led me to investigate further.

@areckethennu said in Noob Question: How to Get to my NAS from the Internet?: Asustor provides a Cloud ID via their EZ-Connect service, but I don't know how trustworthy that is or what it would take to punch through pfSense. Probably nothing required in pfSense as long as the NAS can connect out. By far the safest way to connect to the NAS is using a VPN to pfSense. Probably exactly how you did it before. That way you have complete control over who can connect at all and when. A public cert really gives you nothing additional there and in fact can be argued to be worse since you don't control the CA. Use a remote access OpenVPN. https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-ra.html Steve

You probably don't need SWAP at all. However you're no-where near using the available drive space so I would just keep any eye on the usage for now. Steve

Anything that differs from the defaults is shown with the trashcan next it. If you remove those you will have the default values. Steve

@stephenw10 this is amazing! I didnt know about it! Ill report back for future weirdos! Thanks a lot

@ben-ihelputech @gertjan said in Add support for OpenID Connect: Facebook removed themselves from the Internet for a couple of hours. This wasn't Google fault. Lol now I remember what you said. I think it was something like a BGP mis-config or something like that. The world was probably about 20% more productive that day @gertjan said in Add support for OpenID Connect: never used it, but this PIN code is a rotating one, valid for 30 seconds or so. I think the way it works it that you enter the PIN + the TOTP (which is the 30 second rotating pin). @stephenw10 said in Add support for OpenID Connect: No support currently. You can open a feature request: https://redmine.pfsense.org/ Steve Will do!

Just pull a page from it, so maybe: fetch http://<timeclock_IP>/index.html > /dev/null Steve

How is the host itself attached? Is it possible there's a loop created? Otherwise this seems like a VBox firewall problem... or maybe something on the host itself?

@stephenw10 said in Restore .xml 22.01 possible bug: Was this after upgrading to 22.01 or after a clean install? It was a 22.01 clean install. @stephenw10 said in Restore .xml 22.01 possible bug: Had it rebooted since then or was the reboot to create the RAM disks the first time? System was running perfectly, reboot and etc... Then , decided to enable RAM disk and the system rebooted to complete the process, and the kernel and pkg info problem happened. Thats when I decided to restore the configuration and noticed the ssh keys problem @stephenw10 said in Restore .xml 22.01 possible bug: I haven't seen anything like that and I did spend some time playing around with RAM disks on the 3100 specifically. I can't tell why the RAM disk problem happened.. Also, I don't know how two ssh-keys ended up in my configuration.. But this post may be useful in case this happens to someone, the only action you need is to erase the ssh-keys from the .xml and restore it again..

Installing the recovery image and then a restore has fixed this issue. Thanks to everyone for their advice.

@gwaitsi I have a 4 port HDMI & USB KVM. However, in your case,it might be easier to bring the pfsense computer upstairs. Also, my Qotom has a serial port. If necessary I could use it. Running a serial cable isn't hard. In fact, you can use an Ethernet cable, with Yost connections. You just configure a DE-9 (It is not a "DB-9") connector for each end as needed.

Hmm, where are you seeing that log? ff00.Internal.private is the pfSense host name? Are you handing Internal.private to clients via DHCP to use as a domain? That's clients requesting the wpad file for their domain. Unless you have set it up specifically it won't be on pfSense. It looks like pfBlocker DNS-BL blocking those lookups maybe? Steve

Yeah, if all the app traffic is being proxied through that it's the first place to check.

@stephenw10 okay, I'll open the ticket.