• Verizon Cellular

    2
    0 Votes
    2 Posts
    450 Views
    stephenw10S

    You should not need any special settings for that. The phone connects out to Verizon on IPSec and routes the calls over that as far as I know. The default allow rules on LAN will pass that.
    You could check for open UDP port 4500 states when wifi calling is enabled to confirm that.
    IPSec can be affected badly by an incorrect MTU setting. You might look into that if the issue continues.

    Steve

  • pfSense reboots during large downloads

    2
    0 Votes
    2 Posts
    183 Views
    jimpJ

    If you have a serial console, leave a client open and connected to it, either with a large scrollback buffer or logging all output. Then monitor it during a reboot, see if you get any output.

    If you only have a video console it's harder to capture errors, but you still might see something.

    If there are no crash reports and nothing in the logs, then it's harder to diagnose. That said, it's almost certainly hardware if that is the case. If it's crashing under load, which could be from the encryption required to run the VPN, then most likely it's heat or power-related, but it still could be anything (RAM, CPU, etc)

  • Help to begin please with basic firewall/router

    5
    0 Votes
    5 Posts
    318 Views
    ?

    You were right man. I did get an answer.
    The book is very well done though, thanks. In my case, basic set-up is not bad and no major curves. Just slow and careful for someone not specifically in the network field. Beyond basic... I think will take a long time. Good little lab start.
    And worth moving to a SG-5100 I think.

  • 0 Votes
    6 Posts
    990 Views
    V

    Closing this off - for some reason, rebooting the test device worked. (Basically I came back to test and it worked).

    So I can only assume it was either intermittent, or maybe some issue with the DHCP client?

  • After reboot can't ping out from shell/ WAN

    6
    0 Votes
    6 Posts
    742 Views
    J

    Hi Steve, I think we did recently update so that could definitely have been it. Thanks though for all your help!!

  • FTP server behind pfSense...

    12
    0 Votes
    12 Posts
    1k Views
    stephenw10S

    @philipputrus said in FTP server behind pfSense...:

    The server use Active mode I checkd that by connecting to it from the CMD

    For active mode you need to have the client FTP proxy installed and configured. It will not allow the server to open data channels without it.

    Steve

  • Vicidial behind Pfsense

    3
    0 Votes
    3 Posts
    364 Views
    L

    No I haven't but I'm thinking of it as updating our infrastructure.

  • Pfsense can`t keep connection alive to provider

    19
    0 Votes
    19 Posts
    3k Views
    stephenw10S

    When you run tcpdump on the interface in pfSense you see eveything the driver is sending but that might not necessarily make it onto the wire.
    By using a switch in between, mirroring the port and capturing on there you see what traffic is actually going back and forth.

    Steve

  • Plex indirect on many internal devices, but not all (Solved)

    14
    0 Votes
    14 Posts
    19k Views
    johnpozJ

    Ah in Tautulli interface - thanks.. Yeah that does make it easy to find ;)

    that scope would all be great if you made them vlans and actually isolated them.. But if they are all on the same L2 kind of just meaning less.. And means you have to for sure hand out reservations for every mac address.

  • Secure VPN server in Homenet and access

    4
    0 Votes
    4 Posts
    447 Views
    stephenw10S

    You are only opening one port so you're exposing only the service listening on that port. The RasPi could have everything open but nothing is going to reach it except what you're forwarding.

    Steve

  • 0 Votes
    23 Posts
    2k Views
    N

    I set on accept for Promiscuous mode, mac address changes and forget tramits on WAN vswitch,
    Since my network goes Virtuel WAn switch-pfsense-virtuel LAN switch.
    Also very important to note that is a reboot of whole esxi is necessary for it to acctually implement the changes made.

    I didnt discover this at beginning.... so alot of my testing was flawed cause changed wasent acutally being made...

    Thanks for all help.

  • 0 Votes
    3 Posts
    570 Views
    K

    Sure... without success :(

  • Clients on LAN bridge have internet but cannot see eachother

    3
    0 Votes
    3 Posts
    575 Views
    Y

    Thank you. That fixed my problem.

  • New Install / New User: Transparant Bridge

    2
    0 Votes
    2 Posts
    142 Views
    stephenw10S

    Traffic between the modem and Asus router there is all inside PPPoE apart from traffic to the modem itself. So that's probably not what you want to do. pfSense would not 'see' most of that traffic.

    pfSense as the gateway and Asus as an access point is the way to go there.

    Steve

  • /etc/rc

    6
    0 Votes
    6 Posts
    975 Views
    stephenw10S

    If you use a shellcmd that gets stored in the config file and hence can be retsored and is never lost at an update etc.
    If that command calls a custom script that might be lost though. You can use the filer package to store that in the config so it's all restored however.

    Steve

  • pfSense 3.0

    4
    0 Votes
    4 Posts
    3k Views
    KOMK

    TNSR is a completely different product than pfSense, and both will be developed concurrently from what the Netgate people have said recently.

  • Cant sign CSR - "Please select a valid Digest Algorithm."

    5
    0 Votes
    5 Posts
    463 Views
    E

    Upgrade fixed it! Thanks.

    Impressive response time. 3 minutes. :)

  • Problems using pfSense 2.4.4 in a non-internet-contact environment

    3
    0 Votes
    3 Posts
    233 Views
    H

    @akuma1x

    Hi Jeff,
    thank you for showing me the way to the discussion about it.
    Now I know a bit more.

    James

  • No internet access on new install [Ping works] [DNS works]

    3
    0 Votes
    3 Posts
    365 Views
    stephenw10S

    Could be an MTU issue. Try to ping with large packets, how large will pass?

    https://docs.netgate.com/pfsense/en/latest/routing/unable-to-access-some-websites.html

    Steve

  • Set Static Arp Entry [NOTHING TO DO WITH LAN OR DHCP SERVER]

    19
    1 Votes
    19 Posts
    7k Views
    stephenw10S

    If you do need to apply that command at boot you can do so with a shellcmd:
    https://docs.netgate.com/pfsense/en/latest/development/executing-commands-at-boot-time.html

    And actually now I think about it if you use the 'afterfilerchnages' type there it will be applied if the WAN goes down and comes back up. That might be all you need there.

    Steve

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.