• 502 Bad Gateway when PFSense connect WAN port.

    34
    0 Votes
    34 Posts
    2k Views
    stephenw10S

    Ok those settings are good. But you can see it has added automatic rules on the OPT1_TV intreface which implies there is a gateway defined on it still. There should not be a gateway on OPT1_TV.

  • My setup with pfSense 2.7.2 crashes daily

    5
    0 Votes
    5 Posts
    477 Views
    T

    @stephenw10
    You were right, it was the ram !

    I did a memetest and ended up with 4 passes but 0 errors. That was strange.

    I ended buying a random stick of ram with same specs and replace it and also putting it in other ram slot. It's solid for 4 days now.

  • Suddenly locked out

    2
    0 Votes
    2 Posts
    120 Views
    stephenw10S

    So what was shut down here, the Proxmox server? Not just the VM?

    Does pfSense respond at the virtual console?

    Does it show the expected IPs there?

    Are you sure your traffic from LAN side clients is actually going through pfSense? Does it stop if you shut down the pfSense VM again?

    Steve

  • Move topic to a different group?

    2
    0 Votes
    2 Posts
    141 Views
    stephenw10S

    Done.

  • High CPU USAGE IN 2.7.0-RELEASE

    Moved
    41
    0 Votes
    41 Posts
    2k Views
    stephenw10S

    em NICs are single queue. Only one CPU core can service the incoming and outgoing traffic queues. That means that on a 4 core CPU like you have it can never load all the cores.

    igb NICs are multiqueue and here are attaching with 4 queues. Enough to load all the CPU cores sufficiently to prevent other services running.

    You could override that by setting:

    dev.igb.0.iflib.override_nrxqs=1 dev.igb.0.iflib.override_ntxqs=1

    Or you could try to set a lower max interrupt rate like maybe:
    hw.em.max_interrupt_rate=2000

    But just swapping the WAN and LAN NIC assignments so LAN in em0 is probably easier. Unless you're not local to the box.

  • cron job wont stop

    16
    0 Votes
    16 Posts
    1k Views
    J

    @Gertjan

    Good point - I never actually looked at the script referenced only the post that it was provided on. 😏 but yes that is why it doesn't show as running on his 6100. It is.

    Fixing the cron timing so that it does not "Blinkenlights" so many times - should make everything happy on both systems. Only need 1 Blinkenlight in the hour. 🤣

  • This topic is deleted!

    1
    0 Votes
    1 Posts
    5 Views
    No one has replied
  • pfSense & HAProxy http tp https website with plain text & images

    1
    0 Votes
    1 Posts
    77 Views
    No one has replied
  • pfSense CE 2.7.2

    5
    0 Votes
    5 Posts
    405 Views
    GertjanG

    @Sergei_Shablovsky said in pfSense CE 2.7.2:

    Confirm: the several times like this…

    faaec2ef-3dff-4b3d-a321-c38d7a9c0060-image.png

    28d95a49-8508-447b-be3f-c797ffb05706-image.png

    Confirmed.

  • LAN Interface Drops Every Few Hours

    6
    0 Votes
    6 Posts
    308 Views
    stephenw10S

    Nope those errors in the nginx log are almost certainly nothing to worry about.

  • NordVPN using same virtual address for multiple gateways/interfaces

    12
    0 Votes
    12 Posts
    1k Views
    S

    Thanks

  • RAM disk?

    11
    0 Votes
    11 Posts
    1k Views
    S

    @SteveITS said in RAM disk?:

    FWIW we run Suricata and RAM disks at most clients without issue.

    Good to know, thanks.

    @SteveITS said in RAM disk?:

    OTOH the UT1 list in pfBlocker takes over 1 GB just to extract so YMMV on these things.

    I don't had this 1 GB on my radar, thanks for the hint.

  • 0 Votes
    20 Posts
    2k Views
    S

    New topic here to investigate the issue since pfBlockerNG is not the cause.
    https://forum.netgate.com/topic/189820/how-do-i-find-out-what-write-continuously-on-my-pfsense-ssd

  • pfsense and oracle virtualbox (guests blocked)

    3
    0 Votes
    3 Posts
    161 Views
    stephenw10S

    @EricAiken said in pfsense and oracle virtualbox (guests blocked):

    Virtualbox guest interfaces are bridged to to host's NIC

    If you're using bridged NICs in VBox then there is no NAT happening. VMs should just get a DHCP lease from pfSense. I have that setup here and it works fine. Nothing special should be required on pfSense other than firewall rules to allow traffic out. And those would normally already be present.

    Steve

  • dynamic public address

    4
  • After upgrade to PLUS from CE 2.7.2

    4
    0 Votes
    4 Posts
    252 Views
    johnpozJ

    @Unoptanio not sure what your trying to show there? Yeah that is how it works.. If you ask dns to lookup something it will ask all the ns you have listed..

    Whats your question?

    I take it your doing dot forwarding since you have the fqdn listed their for cloudflare.

    Keep in mind when you tell pfsense to lookup something, or it needs to lookup something itself and uses those.. Say for a check if there is an update - it isn't going to be using dot.. Only unbound would use dot when it get asks to lookup something and your forwarding. If you have 1.1.1.1 listed as pfsense dns, and pfsense itself goes to lookup something from 1.1.1.1 its just going to use a normal in the clear dns over 53.

    If you want to make sure pfsense never asks in the clear and only via dot, then you put your NS in there you want to ask using dot, and set pfsense itself to ignore remote and only ask local host.

    uselocal.jpg

  • WAN only connects on unplug and plug back in

    59
    0 Votes
    59 Posts
    3k Views
    stephenw10S

    Ah, cool! Shouldn't be required though, be good to find out what's actually causing that. Someday!

    Anyway glad we were able to get a workaround in place. 👍

  • pfSense won't load packages after restore

    5
    0 Votes
    5 Posts
    235 Views
    S

    @jmbraben Restore reinstalls all packages which would pull the files from the latest 2.7.x as I recall. Starting in 2.7.2 one has to manually change the update branch to move to the next version do it is safer now.

    The problem is, let’s say the current version has a later PHP and a package is dependent on PHP, it will install the later version which may not work with 2.7.0 code. Or similar with various libraries.

    .1 fixed several security flaws: https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#security

  • pfSense 2.7 makes HP printers crash

    9
    0 Votes
    9 Posts
    875 Views
    w0wW

    @jonatkins said in pfSense 2.7 makes HP printers crash:

    Any specific patches I should enable? I can't see anything relevant.

    I am not sure, but you can try apply all recommended patches, just for test, i think most of them anyway will be applied on the next version available.

  • My setup has been resetted.

    7
    0 Votes
    7 Posts
    666 Views
    stephenw10S

    Good job! Perhaps you could document it for other users?

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.