@stephenw10 Thanks Steve, I can put my mind to rest now!

@gertjan I suspected that, then it's probably easier to "browse" it with a backend browser - get the data needed and present it again - at the "other" server.

It's the ntopng that became a troublemaker. I'm worry free now after turning off ntopng! I will figure out how to wipe this ntopng and install a fresh one. I looked at the crontab and nothing looked suspicious. Thanks you all for all the directions.

@dnwigley did you setup the switch to route between different networks you put these devices on? Did you setup any sort of multicast filtering? If you put the devices on the same L2 network.. Most switches wouldn't be do any filtering either. I think your going down some rabbit hole trying to blame it on something filtering something. If you discovered the other nas - and get presented to auth.. This pretty much shows your talking to it.. And highly unlikely your fitering some aspect of the auth process at your switch. You mention access to the DSM interface - how exactly are your trying to access that.. You should be able to access the dsm on port 5001.. Are you using some name that resolves to public IP vs your local one?

@work_purposes_only said in openBGPD and FFR - Migrating 2.3.x to Latest 2.5.x: @nollipfsense I've just inherited this network. So, I'll be taking this next year to tidy it up before going back to uni for my degree Okay...fine inheritance...hope it came loaded (your forum name implied business).

When you connected the PC directly to Eth1 did it show the expected link speed/duplex? 40Mbps is sufficiently slow to point to a link issue. Steve

@stephenw10 I forgot the first step: Always check the cables.

@hulleyrob Or maybe https://en.wikipedia.org/wiki/RRD_Editor Btw : I never had the need myself, or, by memory, didn't saw some one mentioning on the forum, actually modifying them, to retrieve history data. Also; I back up most of the RRD history data : https://www dot test-domaine dot fr/munin/brit-hotel-fumel dot net/pfsense.brit-hotel-fumel dot net/index.html

Yes, you can 'alternate host names' in Sys > Adv > Admin Access that the referer check will then accept. Steve

@Patch @stephenw10 Thanks for your help! Replacing the switch fixed the issue! I factory reset the TP Link managed switch and it's working now too. It's sometimes the simple stuff you over look on the troubleshooting path that trip you up. I could not determine any reason why the TP Link managed switch was preventing the Proxmox GUI from coming up. I checked everything before I reset it. Thanks again!

Hmm, I don't think I've ever tried to do that! You're right it doesn't ask if you want to enable https after setting the interface IP. I wouldn't call that a bug though, an oversight maybe but that's the intended operation. You can always set it in the config file if you really need to enable it before you have access to the webgui. You can open a feature request: https://redmine.pfsense.org/ Steve

@jhonthan said in DDNS doesn't work on version 2.5.2: DDNS doesn't work on version 2.5.2 Anyone saw this problem? No, DDNS works fine. Keep in mind that the "DynDNS" facility build in pFSense uses : /* * PHP.updateDNS (pfSense version) * * +====================================================+ * Services Supported: * - DynDns (dyndns.org) [dynamic, static, custom] * - No-IP (no-ip.com) * - EasyDNS (easydns.com) * - EasyDNS IPv6 (easydns.com) * - DHS (www.dhs.org) * - HN (hn.org) -- incomplete checking! * - DynS (dyns.org) * - ZoneEdit (zoneedit.com) * - FreeDNS API v1 (freedns.afraid.org) * - FreeDNS IPv6 API v1 (freedns.afraid.org) * - FreeDNS API v2 (freedns.afraid.org) * - FreeDNS IPv6 API v2 (freedns.afraid.org) * - Loopia (loopia.se) * - StaticCling (staticcling.org) * - DNSexit (dnsexit.com) * - OpenDNS (opendns.com) * - Namecheap (namecheap.com) * - HE.net (dns.he.net) * - HE.net IPv6 (dns.he.net) * - HE.net Tunnelbroker IP update (ipv4.tunnelbroker.net) * - SelfHost (selfhost.de) * - Amazon Route 53 (aws.amazon.com) * - DNS-O-Matic (dnsomatic.com) * - Custom DDNS (any URL) * - Custom DDNS IPv6 (any URL) * - Cloudflare (www.cloudflare.com) * - Cloudflare IPv6 (www.cloudflare.com) * - Eurodns (eurodns.com) * - Gandi LiveDNS (www.gandi.net) * - GratisDNS (gratisdns.dk) * - City Network (citynetwork.se) * - GleSYS (glesys.com) * - DNSimple (dnsimple.com) * - Google Domains (domains.google.com) * - DNS Made Easy (www.dnsmadeeasy.com) * - SPDYN (spdyn.de) * - SPDYN IPv6 (spdyn.de) * - All-Inkl (all-inkl.com) * - DuiaDNS (www.duiadns.net) * - DuiaDNS IPv6 (www.duiadns.net) * - Hover (www.hover.com) * - DreamHost DNS (www.dreamhost.com) * - ClouDNS (www.cloudns.net) * - GoDaddy (www.godaddy.com) * - Azure DNS (azure.microsoft.com) * - Dynv6 (www.dynv6.com) */ Just recently, last week or so, OpenDNS broke their server side app. That's repaired now. Namecheap has issues right now - see recent threads about namecheap. no-ip has regularly ( ? ) problems ...

@gertjan yes, I checked yesterday and it's also fixed for me. Thanks!

@aglarond You will find many a post by me going over transit networks ;) have to explain it like every other day it seems ;) Users are always trying to use their normal lan as transit and then wonder why they run into asymmetrical issues. Here is a good drawing that explains what has to be down with a downstream router. [image: 1639335337947-pfsense-layer-3-switch.png]

@stephenw10 Thank you very much for the reply. I searched, but couldn't phrase my question properly to find that.

It depends what the fibre is. It's probably GPON? In which case your options are limited.

@mattfiller said in Could this be malware in my pfSense - it is not blocking MS RDP attacks: (we have 5 incoming 3389-MS RDP Port Forwards to individual PCs so people can work from home) Yeah this is a bad idea for sure - and your going to see tons of traffic to those ports. I don't have it open but just looking at the firewall logs sees lots of noise to that port [image: 1639234463663-3389.jpg] If you have remote workers that need to rdp to some machine on your network. As suggested by @stephenw10 either VPN in (best option).. Or lock down the source IPs to who can hit that port and be forwarded. Best would be to lock down to the remote users specific IPs.. You could use say dyndns entries so even if their IPs change, etc. While changing the port from 3389 on your wan side is not really a security measure, if you used different ports to to your specific devices 3389 port, this would remove some of the log spam, and lower the amount of stuff that is forwarded to the actual client.. While security through obscurity is not something you should rely on - it doesn't hurt if you make bots looking for open rdp ports harder to find you. Once some bot or outside finds your rdp port is open, they will normally bomb you with brute force attempts to get in.. Trying all kinds of username/password combos..

Your memory usage is unrelated. pfSense does not include log4j neither do any of the available packages. log4j is not even in our repo so to be affected you would have to have manually installed it from the FreeBSD repo and configured it to be listening somewhere. Steve

@mediatek said in Installing Pfsense as a VM: After I made the change I have to do the command again... This is the main problem, That is not a problem, it is expected. That command disables the firewall entirely. It should only ever be a temporary workaround to allow access while you add a rule to allow something for long term access. You can see your rule has not created any states or passed any traffic to however you're testing that it's not matching. Steve