It's normal to see that a few times and the number of times depends on the drive. It may not actually be stopping there. That's the last thing you see if you have dual consoles enabled, and the other one is set as primary, until boot completes. I would guess it's set as serial console primary and it lost a NIC when you removed it so it's now waiting at the interfaces assign screen but you can't see that. Try forcing vidconsole: https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html#booting-with-an-alternate-console Steve

@bmeeks said in Anydesk does not work: but frequently users think they can just go through and enable everything haha - yeah no clue to what any of the rules mean - but clearly the more rules I have the more secure I will be.. And lets just start of in blocking mode ;)

Port 80 was disabled in rules and Nat. As soon as I enabled them, the certs renewed successfully. Thanks for pointing me in the right direction, much appreciated.

Hmm, weird! Take the win and move on.... Steve

@cool_corona sure!

Aha, nice!

@stephenw10 I found that odd too. I'm not by any means a networking professional - I'd consider myself an advanced beginner, but I do not understand why that port was locked into vlan 10 or how was vlan 10 chosen for devices on that port...

Nice! Good result. Pure IPSec is waay better than trying to use L2TP over it. Steve

Good to hear! You should be aware though that the fact you had to forward GRE implies the VPN type you're using is probably PPTP which is an outdated protocol and considered insecure. You should check the VPN type in use to be sure. Steve

@dirtydish been many many years since my sons were home and had to worry about what they did on the net, and the net was a much different place 20 years ago ;) But pfsense can act as your proxy, you don't need to setup some laptop to do that. https traffic can be difficult.. There would be a very steep learning curve sadly to say. If they are using tablets and iphones - you might be better off using the tools meant to monitor those.. https://support.apple.com/en-us/HT201304 I do a bit of this with my grand daughters phone - she can not install any apps without it asking me for permission.. I get a notification - and she texts me ;) Pa can you approve ;) -- she lives in California.. You can also look into monitoring youtube history, etc. Such tools will most likely be easier to get going with and easier to manage and use than say some proxy log that is for sure.

@gertjan yeah, it's a classic PC. i don't see anything on the monitor/console when booting up. @JKnott i'm thinking i'll pick up a smaller form factor unit like what you're running, or something similar. thanks all for the responses - it's helpful.

@stephenw10 Yes, I think that must have been where the corruption was - I removed it and it is all working properly now.

@gertjan Thank you .. I thought I need to open the WAN port with this rule.

Or any 'easy free fast' service with free pop-up notification, every-phone-on-earth support - limited (15Gbytes ..) storage etc. Just naming one : a gmail account just for your pfSense. Depending on what you use - how many updates come along in a year, and how often you reboot pfSense - and how often a power failure is signalled by NUT (and arpwatch, acme.sh certificate auto updates etc etc) : maybe 500 mails a year ... Placing all these in the local config.xml is probably not the best idea.

Bittorrent is a special case because it generally relies on incoming connections too if you are seeding and want good performance. That may not be possible via a commercial VPN provider. But routing all outbound traffic from a particular internal IP via the VPN is certainly possible. It should only require a policy routing rule to do so. Steve

Rule 1 there is for UDP/TCP only so it will not catch ping traffic. It also show 0 states created against it so, when that screenshot was taken, no traffic is matching it. What are you using for DNS on the LAN? By default pfSense hands clients the interface IP to use and listens on that with Unbound. If you policy route all traffic via a WAN gateway like that clients will not be able to connect to the DNS service, traffic is forced out of the WAN. You may need an additional rule above that to allow clients to reach the LAN address on the port 53. However that would also affect policy routing one client. And it would not be caused by just changing the default route. Steve

Hmm, that's an unusual error it if is. But you should be able to just reload the default config either from the webgui (if you can access it) or from the serial console menu. https://docs.netgate.com/pfsense/en/latest/solutions/sg-1100/connect-to-console.html However if that fails for some reason I would just reinstall the firmware to get back to a known state. Steve

@fenglingfu Here : Status >System Logs > System > General [image: 1637567351532-817c2ee3-1455-4d0e-9ff5-92ed5455fcf7-image.png]

@stephenw10 said in What would cause one computer to take a while to reconnect to WiFi after coming out of sleep when using pfSense + Unifi switch and AP but not with a UDM?: Is it actually the wifi connecting or is that 30s until you appear to have connectivity? 30s until wifi connectivity. pfSense cannot affect wifi linking. Got it. I will check the Unifi AP. It's strange I didn't have this issue when I was using the Unifi UDM with the same setup. I would be looking at IPv6. If pfSense is handing out v6 IPs but there isn't actually v6 connectivity there will be a delay until it falls back to v4. I have IPv6 disabled across the board. I will confirm.

Hmm, the returned killed 0 states implies it's not matching any states. Sure looks likeit should though.