Hello stephenw10 ,

I wanted to wait to be sure but I no longer have any disconnection from this IPsec bridge.
When I reduced the delay to 1 hour, I no longer had this problem, but therefore no more logs :)
So I postponed the 8 hour delay to have this cut again, but it no longer cuts!

So too bad for the explanation, I'll look at the logs if it comes back.

A big thank you to you for your answers <3

What's in that ICMP packet? I expect that to be a port denied message.

Hi guys!

It's been a lot since the last response to this.
After updating to 2.7.2, can't get to make work ldaps again (updated from 2.7.0).

By running this commands:

setenv LDAPTLS_REQCERT allow ldapsearch -v -H "ldaps://dc1.local:636" -b "dc=local" -s sub -D "username@local" -w "password"

seems to work because it shows so much information about my directory.
But it does not work when trying to authenticate on GUI. I have restart PHP-FPM so many times with no success.

Please advice.

Thank you!

@stephenw10 I can the pcap on pfsense.

HTTP/3 is no longer experimental and is fully active in the iMac it can no longer be disabled manually

2017--> was still in development
Screenshot 2024-07-10 at 20.05.52.png

2021--> This was the background and code for how it works with applications
https://developer.apple.com/videos/play/wwdc2021/10094/?time=16

2024--> Apple has fully activated this on the Sonoma 14.5 and Safari 17.5 it has no option to disable like the link above has.

It also has HTTP/3 DNS much like DoH however pure UDP let's call it DoH/3

DoH/3 seen here:
f065612b-98b0-4959-9e37-68c032208922-image.png

@stephenw10

LOL, yeah and aptly named too!

It actually attempts to serve a purpose as it offers QoS options for gaming, but the Killer Performance Suite is generally considered nuisance-ware. I thought I had uninstalled all that a long time ago, but apparently that service was hanging around. :) I simply didn't realize it as I've been on much slower internet until gig came to the neighborhood. :)

Jeff

If you have set that I would expect no issue since the server would reject any unauthenticated requests.

@stephenw10 You are sure.
I didn't remember this configuration.
Sorry for forgetting and thank you.

Hi @stephenw10
Thanks your post pointed me to where to restart the monitoring service.
My google searches were failing me.. Everything I found said that restarting it was some where under the System -> Advanced Settings area. But I couldn't find it.
However it's under that Status -> Monitoring -> Settings ->"Display Advanced" button..
Sigh. Now I know the term to search for it's easy..
After disabling and enabling Graphing again it's fixed!

Cheers
Richard

@JonathanLee

75620283-fd7d-4b05-9a7b-227e657c48a1-image.png

No more, good work !

@stephenw10 I sent you a chat

Aha, nice!

Is this similar to proxy chains or apples private relay services?

@net95 said in Pfsense 2.6.0 freeze randomly:

For now, we cannot update because we cannot interrupt the services

I used to be a computer tech, working on big systems, and also worked in telecom for many years. When a critical system had to be updated, etc., common practice was to do it after hours. I've been in at 4AM and even came in on New Years day for Y2K. If your firewall is freezing it's likely a hardware issue and could fail completely at any time. Also, updating doesn't take much time. If done during the business day, common practice is to just let everyone know there will be a brief outage.

@NollipfSense Thanks

What log did you see that implies the password had changed?

I would guess a more likely explanation is that there were some login failures caused by the new login limitation?

@Vinibo1

Why not state the requirements, instead of posting the Cisco config? I see you have NAT and VLANs and some addresses. Also, what about IPv6? A lot of ISPs are providing that these days.

@antrock85 The FW2B got two physical interfaces. Installing pfSense, one will be assigned as the WAN and the other as the LAN interfaces. That's all the pyhsical interfaces assigned.

Now you can create a VLAN (Interfaces > Assignments) to have 'more' interfaces, which will show up as OPT, OPT1 and so on.

But to use it/them you have to know how to work with VLANs.

I can't open that.

What are trying to do at that point though? SCP to a pfSense-Plus instance in AWS?

@stephenw10

Nice!
Thank you Steve!

Ah, nice. Interesting that Unbound is not able to resolve at that point then.