• Gmail/Google services unresponsive

    22
    0 Votes
    22 Posts
    2k Views
    stephenw10S

    If you have any IPv6 connectivity at all but not full connectivity that can really bork stuff.

    I have seen sites appear to fail because clients think they can connect ober v6 but cannot. Triple check that!

    Steve

  • View all connected devices

    3
    0 Votes
    3 Posts
    5k Views
    JKnottJ

    @bealefay said in View all connected devices:

    Good afternoon.
    Tell me how I can see in pfsense a list of all connected devices.

    You can't, short of writing a script to ping all devices. The arp cache will show devices that have recently sent packets to or through pfSense.

    How to reserve an IP address for a device in DHCP LEaser?

    On the DHCP server page, you can map IP addresses to MAC addresses.

    The system writes that the IP must not match what the DHCP server issued.

    PfSense will not let you assign an IP address that's within the DHCP pool.

    I would also like to know where you can see the interface speed of the connected device.

    Take look at the "Dashboard" page.

    thanks a lot ;)

    My bill is in the mail. 😉

  • WAN Interfacce Traffic Graph with LAN Host Name / IP.

    4
    0 Votes
    4 Posts
    453 Views
    R

    @NollipfSense said in WAN Interfacce Traffic Graph with LAN Host Name / IP.:

    @ramses-sevilla said in WAN Interfacce Traffic Graph with LAN Host Name / IP.:

    If I see Traffic Graph and select Interface: WAN1 and Filter: Local, all traffic destined / originated to/from my LAN appears destined / originated by the WAN IP and not appear the Internal Hosts that really originated the traffic.

    Natted or NAT!

    @NollipfSense, thanks so much by your answer.

    I know that is because the NAT applied in the WAN Interface but I ask if there is any way to see the Bandwidth consumed between the LAN Interface and each WAN Interface "pre-natted".

    Best regards,

    Ramsés

  • Built-in packet capture v. dedicated packet capture appliance

    7
    0 Votes
    7 Posts
    1k Views
    Sergei_ShablovskyS

    Dear Andrew!

    Could You be so please to describe hardware logical scheme when all traffic (in/out) from mine gate are captured for further forensics analyses by other IDS/IPS software like Snort, Surucata, WireShark, Splunk...

    This is something close to port mirroring and send mirrored traffic to capturing applience with pfSense, am I right?

    Thank You for efforts!

  • pfSense router cannot ping or perform nslookups

    15
    0 Votes
    15 Posts
    2k Views
    U

    @JKnott said in pfSense router cannot ping or perform nslookups:

    Can you ping something that's in your half of the Internet, such as 8.8.8.8?

    It pings just fine

    Also, try plugging an ordinary computer, running Windows, into it, see what you get, and give them a call if you're still getting the /1.

    I'll give it a try.

  • 0 Votes
    25 Posts
    68k Views
    jimpJ

    Make your own thread instead of posting to a mostly-irrelevant nearly year-old thread.

  • Multi Wan with same gateway and splitting with Active directory groups

    2
    0 Votes
    2 Posts
    319 Views
    stephenw10S

    It depends what you want to Limit. You can filter sites by group membership.

    No.

    Yes, as long as you can match the required groups in firewall rules. If it's only by AD group member ship that may not be possible. You might be able to have Squid use a different source IP/WAN directly, I'm not sure I've ever seen that tried.

    Steve

  • Pfsense refusing to block 3 ports

    10
    0 Votes
    10 Posts
    1k Views
    johnpozJ

    As stated those are almost always blocked by ISP or even at the cable modem (docsis)...

    As stated sniff on your wan while your sending traffic to that port - does it get there?

    Also sending rejects on wan (that is connected to public internet) is almost always going to be a BAD idea!!!

    example - I just checked 445 to my public on can you see me, and nothing seen at my wan via packet capture.

  • Nextcloud and Haproxy Issues

    6
    0 Votes
    6 Posts
    3k Views
    R

    WooHoo!!!

    I have got it to work!!

    I added to the Nextcloud config.php file

    'overwriteprotocol' => 'https',

    I think it has something to do with HAProxy handling ssl.

    Anyway its SOLVED!

  • Slow WAN when there are lots of OUTBOUND connections (from 40k-80k).

    4
    0 Votes
    4 Posts
    229 Views
    J

    There is no shaping or limiting of any kind on the firewall. We don't actual use/generate that much traffic, but there are a lot of opening/closing of tcp sockets. There are lots of small packets.

    The only package installed on the firewall is openvpn-export-client.

    On and off pfctl will bounces around 100% and then disappear maybe 20-30 seconds on and then 20-30 seconds off.

    Thanks for the responses, this is giving me stuff to look at!

  • SG3100 Can't connect to www.columbia.edu

    4
    0 Votes
    4 Posts
    413 Views
    stephenw10S

    Works fine through an SG-3100 here. Though it resolves to 128.59.105.24 as the main IP for me.

    Steve

  • Dynamic Limiters

    6
    0 Votes
    6 Posts
    738 Views
    stephenw10S

    Mmm, I'm not aware of any way to do that in pfSense.

    One thing you can do is setup a bandwidth sharing scheme. That uses dynamic pipes to share whatever bandwidth is available equally between connected clients so that one client cannot use it all.

    Steve

  • ordered second ip from ovh using pfsense

    10
    0 Votes
    10 Posts
    2k Views
    stephenw10S

    Not personally but there may be others who can.

    You should be able to get it working in OVH though.

    Steve

  • [SOLVED] Wireshark Packet Capture not working on Linux | Ubuntu | PopOs

    8
    0 Votes
    8 Posts
    900 Views
    manjotscM

    @jimp Working I just changed admin@192.168.40.1 to root@192.168.40.1 , removed sudo and it worked.

    Thanks,

  • Problem with PPPoE

    5
    0 Votes
    5 Posts
    558 Views
    J

    @stephenw10 Thanks, I will try that!

  • PFSense CA and additional OID's

    3
    0 Votes
    3 Posts
    195 Views
    G

    That's annoying. I was hoping to add an OID for code signing.

    thanks.

  • crash report help

    5
    0 Votes
    5 Posts
    587 Views
    stephenw10S

    Those look more like ram errors. They are completely different the earlier crash.

  • IPsec via IPv6 issue

    1
    1 Votes
    1 Posts
    196 Views
    No one has replied
  • web page hangs after applying changes

    7
    0 Votes
    7 Posts
    978 Views
    A

    I know it's been a while, but I just wanted to provide an update. I recently connected my iMac to ethernet and turned off the wireless. Since I've done this, the changes don't seem to freeze up pfSense in the browser anymore. It's weird. I've tested it by making several changes within DHCP Server > LAN this morning and then clicking the Apply Changes button. It finished up in about 1.5 seconds and it never froze. I then reversed the changes I made while testing and clicked Apply Changes again and same thing...finished in about 1.5 seconds and never froze. I'm not sure why the problem seems to have gone away since it's been connected over ethernet, but I'll take it! Thanks to everyone who chimed in on this.

  • Multiple pfSense boxes sharing LAN

    3
    0 Votes
    3 Posts
    447 Views
    R

    @stephenw10 Thanks. That confirms to me that a single pfSense router (even better in a HA dual setup) would be a much cleaner setup for the following reasons:

    A shared LAN would require hundreds of static routes One pfSense box allows me to have multiple WANs in failover mode, with time-based bandwitdh restrictions, etc., etc. Option of a HA setup just by getting a few extra ethernet ports With an AMD FX 6xxxx and 16 GB o memory I only see 10% load. If needed, functions like firewalling, DPI, antivirus and proxy could always be run in separate boxes. I should able to route non-critical traffic between VLANs inside my HP1920 switches (like network projectors, public printers, media servers) to alleviate my main router. I have only found 1 example of a shared LAN after days and days of searching. There's plenty of examples of HA or transit/transport link between pfSense boxes

    Thanks for the insight. Tomorrow (monday) I'll start redoing everything. I have exactly one month to get everything running until school starts... with one machine for now, and HA as soon as I can get the second unit setup with extra eth ports.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.