• Casting Youtube to Samsung Smart TV

    8
    0 Votes
    8 Posts
    4k Views
    J

    I'm having the same issue, trying to find a way to get it working. Had a look at the link above and it's not really helpful. Just other ways to cast.

    I did some digging and debugging and I'm guessing it's some port or transmission being blocked somewhere. Nothing comes up in the firewall logs as being blocked though.

    Did you ever get to a proper resolution for this?

  • Restore corrupts system

    13
    0 Votes
    13 Posts
    1k Views
    M

    I know, our software uses xml for backup and restore too. I'd probably say the same to our customers. I'm just a little surprised pfsense can't handle a well formed but partial xml for restore. Anyhow, thanks for the insights.

  • PfSense not replying to UDP traceroute on WAN

    17
    0 Votes
    17 Posts
    6k Views
    johnpozJ

    yup... that is all you need to do.

    edit: for the next guy that finds this thread... I will post up screenshot of the rule
    tracerouterule.png

  • Traffic shaper Codel/FQ_Codel bandwidth bottleneck at 200 Mbits/s

    4
    0 Votes
    4 Posts
    402 Views
    W

    Thanks for the reply, I'll test the suggested changes now, we'll leave the Nic optimization last I think. I'm using 2 x Intel i210 nics btw, forgot to mention that.
    I should also add that I tried to add a traffic shaper directly to the WAN and LAN interface with CoDel as the QMA (Instead of using limiters, clicking on "By Interface" In the traffic shaper page), I get nice throughput of 880 Mbit/s with the bandwidth set at 960 Mbit/s (may be bottlenecked a bit then). Unfortunately this way all the traffic going out of the LAN is also limited and queued using CoDel, so if using VLAN this is not a good idea... Really wanted to make this work without doing that. If I apply the CoDel queuing system to the WAN interface only, only the traffic coming from WAN (Downloads) is limited and queued by CoDel. Hopefully this is a clear enough explanation 🙏

  • Notification email settings. Allow STARTTLS option.

    11
    0 Votes
    11 Posts
    4k Views
    GertjanG

    Note : my last image concerns my own mail server - using port 465 - thus smtp over SSL and cert checking on both side.
    All this is unknown for MSN/Hotmail/Outlook.

    Btw Google (gmail) dropped submission (= '587') usage and stepped over to 465 a long time ago.

  • Size of logs not correct

    5
    0 Votes
    5 Posts
    410 Views
    DerelictD

    https://docs.netgate.com/pfsense/en/latest/book/monitoring/system-logs.html

    https://redmine.pfsense.org/issues/8350

  • 0 Votes
    2 Posts
    829 Views
    dragoangelD

    There is manual how to do backups remotely
    https://docs.netgate.com/pfsense/en/latest/backup/remote-config-backup.html
    This can be used as first step to do automated login, but all other steps must be scripted by you.

  • Which firewall to pick

    6
    0 Votes
    6 Posts
    1k Views
    GertjanG

    @hrohibil said in Which firewall to pick:

    -Ubiquiti USG
    -Ubiquiti Edgerouter 4
    -Netgate Pfsense SG-3100

    Show down : https://www.youtube.com/watch?v=bK2_ROQrMcM ( just an example - way more videos exist )

  • 0 Votes
    4 Posts
    451 Views
    H

    Thanks @stephenw10 we'll keep looking and post post back if we find a good method of of doing this in conjunction with pfSense

    Hass

  • two pfsense routers

    5
    0 Votes
    5 Posts
    567 Views
    K

    yes this what i was hoping to be able too do is too have one captive portal at the server end and have all the internet traffic go back to the remote modem. what i have running now is that the captive portal has an ad server on the server end were clients would click on an ad or info and get internet access were the ad would full in the login info in the captive portal would that still work at the remote location as all of the traffic would be coming to the server end? also at the server i've got the captive portal doing a redir to a webpage were the client would have to click on tab to get the captive portal page to come up then they could click on an ad to get internet access.
    would this work if i set the remote as a stand alone

  • 0 Votes
    5 Posts
    1k Views
    H

    @KOM
    I have a Qotom Q355G4 which has 4 x Intel I211-AT- 10/100/1000 Controller. Tried both 2.4.4_3 and 2.5 (which is running now) for PFSense. As for other equipment in the network I have a Unifi 8 port PoE switch and a Unifi AP AC Pro running off of the switch,

    @stephenw10 said in pfsense dropping LAN clients whenever WAN is saturated or PFSense settings are changed:

    What does the system log show when you make a change that drops everything?

    Steve

    The only thing of interest I can find is it seems DHCP service is completely restarting everytime I modify settings related to ports, interfaces, client leases, or FW. There's nothing in the System tab being logged when this happens.

    Whenever I saturate my WAN, nothing appears to be logged on the PFSense instance. I should note that if I wait a little bit (have not measured exactly how long) it appears the connection comes back on its own, but this can be accelerated by dropping and rejoining the network. Interal pings to my VLAN gateway take up to 100ms but everything is still reachable under load. Nothing gets logged when connections are dropped due to load.

    @marvosa said in pfsense dropping LAN clients whenever WAN is saturated or PFSense settings are changed:

    @holojack said in pfsense dropping LAN clients whenever WAN is saturated or PFSense settings are changed:

    Oddly this seems to also happen whenever I saturate the download of my WAN (100/100 symmetric fiber). During load like downloading a game, I will see ~20ms pings to my internal GW and ~50ms pings to google with about 10 percent packet loss. After a long enough sustained download I will lose connectivity on all machines on the LAN and have to reset all of them.
    During both of the above I cannot ping internal or external machines nor reach the WebGUI. I have looked over the logs in the WebGUI and nothing stands out to me. Here is what I have tried to fix this:

    The issue of your machines getting kicked off line upon simple configuration changes sounds strange. Is it possible you've found a bug, sure, however, I can tell you I've been using PFsense since 2009 and every issue I've ever had with it has been hardware related.

    We have no details about your network, but having increased pings to an external host with a saturated WAN link is normal. However, the only way you should see increased pings to PFsense while saturating a 100 Mbit WAN is if you're using 100 Mbit NICs and a 100 Mbit switch on your LAN.

    As far as the issue of not being able to ping internal hosts when you're downloading at max speed, traffic between internal hosts on the same subnet do not traverse the firewall, so your issue lies somewhere else.

    My suggestion, make no assumptions about anything. Assess both your PFsense hardware and your switch, assess all NICs, assess cabling... those are all in the data path and all points of failure.

    Unifi controller and PFSense are both reporting 1000/1000 full duplex on all ports. Also I may have misspoke, but I can only noy ping internal hosts when my connections are dropped.

  • Disable pfSense or find password

    26
    0 Votes
    26 Posts
    3k Views
    provelsP

    @stephenw10 Don't get me started. I'll just leave instructions to hit everything with a hammer. Let me tell you about My Everex Cube, circa 1992, Full-house, 64MB RAM, 2! 2GB SCSI drives and SCSI CD, 486DX2-66 upgrade!, $10,000 new... Hey, where ya going...? LOL

  • Kernel Panic - bxe Driver - Broadcom 10Gb/s NIC

    6
    0 Votes
    6 Posts
    796 Views
    stephenw10S

    Check the ifconfig output for the bxe NICs for things like VLAN_HWTAGGING,VLAN_HWCSUM,VLAN_HWFILTER.
    There's no GUI knob for that but you can disable it if required. I'm not aware of any issue with it but no-one use VLAN1 so...

    Steve

  • How do I check whether pfSense was not cleanly shutdown?

    8
    0 Votes
    8 Posts
    660 Views
    KOMK

    https://forums.freebsd.org/threads/execute-rc-d-script-at-shutdown.53304/

    https://www.freebsd.org/doc/en_US.ISO8859-1/articles/rc-scripting/rcng-hookup.html

    You put startup scripts and kill scripts in /etc/rc.d.

  • Trouble setting up SG-1100 for Google Fiber

    4
    0 Votes
    4 Posts
    1k Views
    stephenw10S

    No, no reboot required.

  • Corrupt Configs

    25
    0 Votes
    25 Posts
    2k Views
    bmeeksB

    @Stewart said in Corrupt Configs:

    I've also found an oddity in /var/squid/logs:

    /var/squid/logs: ls -lah | grep access -rw-r----- 1 squid proxy 0B Aug 13 00:00 access.log -rw-r----- 1 squid proxy 6.1G Jun 8 05:14 access.log.0 -rw-r----- 1 squid proxy 52M May 5 00:00 access.log.1 -rw-r----- 1 squid proxy 0B Apr 25 00:00 access.log.10 -rw-r----- 1 squid proxy 0B Apr 24 00:00 access.log.11 -rw-r----- 1 squid proxy 0B Apr 23 00:00 access.log.12 -rw-r----- 1 squid proxy 0B Apr 22 00:00 access.log.13 -rw-r----- 1 squid proxy 0B Apr 21 00:00 access.log.14 -rw-r----- 1 squid proxy 0B Apr 20 00:00 access.log.15 -rw-r----- 1 squid proxy 0B Apr 19 00:00 access.log.16 -rw-r----- 1 squid proxy 0B Apr 18 00:00 access.log.17 -rw-r----- 1 squid proxy 0B Apr 17 00:00 access.log.18 -rw-r----- 1 squid proxy 0B Apr 16 00:00 access.log.19 -rw-r----- 1 squid proxy 56M May 4 00:00 access.log.2 -rw-r----- 1 squid proxy 0B Apr 15 00:00 access.log.20 -rw-r----- 1 squid proxy 0B Apr 14 00:00 access.log.21 -rw-r----- 1 squid proxy 0B Apr 13 00:00 access.log.22 -rw-r----- 1 squid proxy 0B Apr 12 00:00 access.log.23 -rw-r----- 1 squid proxy 0B Apr 11 00:00 access.log.24 -rw-r----- 1 squid proxy 0B Apr 10 00:00 access.log.25 -rw-r----- 1 squid proxy 0B Apr 9 00:00 access.log.26 -rw-r----- 1 squid proxy 0B Apr 8 00:00 access.log.27 -rw-r----- 1 squid proxy 0B Apr 7 00:00 access.log.28 -rw-r----- 1 squid proxy 0B Apr 6 00:00 access.log.29 -rw-r----- 1 squid proxy 35M May 3 00:00 access.log.3 -rw-r----- 1 squid proxy 9.6M May 2 00:00 access.log.4 -rw-r----- 1 squid proxy 1.9M May 1 00:00 access.log.5 -rw-r----- 1 squid proxy 0B Apr 29 00:00 access.log.6 -rw-r----- 1 squid proxy 0B Apr 28 00:00 access.log.7 -rw-r----- 1 squid proxy 0B Apr 27 00:00 access.log.8 -rw-r----- 1 squid proxy 0B Apr 26 00:00 access.log.9

    with access.log.0 being 6.1GB in size, would that indicate that it isn't rotating?

    It would look that way to me at first glance.

  • pfsense very restrictive

    4
    0 Votes
    4 Posts
    492 Views
    johnpozJ

    So he wanted pfsense to just be his bsd box? Yeah not going to be good for that ;)

  • User Management error

    3
    0 Votes
    3 Posts
    611 Views
    stephenw10S

    Exactly, it's this: https://redmine.pfsense.org/issues/9541

    You can apply the change linked there as a patch with the system patched package.

    Steve

  • Logging Query with transparent proxy enabled

    7
    0 Votes
    7 Posts
    229 Views
    stephenw10S

    We would need to see some examples of the logged traffic to comment further.

    I would expect incoming TCP SYN packet to port 443 to be passed and redirected to Squid as you say.

    Steve

  • Logging / Alerts when inbound port mapping occurs

    4
    0 Votes
    4 Posts
    289 Views
    DerelictD

    It will log ssh and webgui attempts.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.