• After upgrade to PLUS from CE 2.7.2

    4
    0 Votes
    4 Posts
    252 Views
    johnpozJ

    @Unoptanio not sure what your trying to show there? Yeah that is how it works.. If you ask dns to lookup something it will ask all the ns you have listed..

    Whats your question?

    I take it your doing dot forwarding since you have the fqdn listed their for cloudflare.

    Keep in mind when you tell pfsense to lookup something, or it needs to lookup something itself and uses those.. Say for a check if there is an update - it isn't going to be using dot.. Only unbound would use dot when it get asks to lookup something and your forwarding. If you have 1.1.1.1 listed as pfsense dns, and pfsense itself goes to lookup something from 1.1.1.1 its just going to use a normal in the clear dns over 53.

    If you want to make sure pfsense never asks in the clear and only via dot, then you put your NS in there you want to ask using dot, and set pfsense itself to ignore remote and only ask local host.

    uselocal.jpg

  • WAN only connects on unplug and plug back in

    59
    0 Votes
    59 Posts
    3k Views
    stephenw10S

    Ah, cool! Shouldn't be required though, be good to find out what's actually causing that. Someday!

    Anyway glad we were able to get a workaround in place. 👍

  • pfSense won't load packages after restore

    5
    0 Votes
    5 Posts
    235 Views
    S

    @jmbraben Restore reinstalls all packages which would pull the files from the latest 2.7.x as I recall. Starting in 2.7.2 one has to manually change the update branch to move to the next version do it is safer now.

    The problem is, let’s say the current version has a later PHP and a package is dependent on PHP, it will install the later version which may not work with 2.7.0 code. Or similar with various libraries.

    .1 fixed several security flaws: https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#security

  • pfSense 2.7 makes HP printers crash

    9
    0 Votes
    9 Posts
    877 Views
    w0wW

    @jonatkins said in pfSense 2.7 makes HP printers crash:

    Any specific patches I should enable? I can't see anything relevant.

    I am not sure, but you can try apply all recommended patches, just for test, i think most of them anyway will be applied on the next version available.

  • My setup has been resetted.

    7
    0 Votes
    7 Posts
    668 Views
    stephenw10S

    Good job! Perhaps you could document it for other users?

  • Interface showing down when it's not?

    4
    0 Votes
    4 Posts
    196 Views
    stephenw10S

    Ah, OK. Well the switch and vlan setup is the same. 😁

  • VPN Clients cannot see internal network after 2.6 to 2.7 upgrade

    Moved
    29
    0 Votes
    29 Posts
    2k Views
    stephenw10S

    The only thing I can think of that might possibly be affected is the filtering change. Try setting 'IPsec Filter Mode' to assigned interfaces in the IPSec advanced settings.

    However if that was the issue I'd expect to see blocked traffic in the firewall logs. Unless you have custom block rules without logging maybe?

  • Down Firewall Pfsense, rc.gateway_alarm[69144]: >>> Gateway alarm

    5
    0 Votes
    5 Posts
    234 Views
    stephenw10S

    Try running top with:
    top -HaSP

    That should show you what's using the CPU.

  • Missing WAN uptime and missing default gateway on dashboard

    14
    0 Votes
    14 Posts
    1k Views
    J

    Same issue on clean 2.7.2 install (bare metal)

    Solution:
    Install system_patches in package manager, apply all patches, reboot ;)

  • May I delete...

    5
    0 Votes
    5 Posts
    280 Views
    S

    I should delete everything

  • LAN devices can ping IPv6 site but pfSense itself cannot

    41
    0 Votes
    41 Posts
    3k Views
    stephenw10S

    The important thing is that it uses a globally routable address rather than the WAN link-local address automatically. So you only need a public address on any interface for pfSense itself to have IPv6 connectivity.

  • Get PPPoE Connection time via CLI

    4
    0 Votes
    4 Posts
    186 Views
    GertjanG

    @darcey

    Cool !

    [24.03-RELEASE][root@pfSense.bhf.tld]/root: ppp-uptime.sh ovpns1 93693

    uptime of my OpenVPN server ...

  • Strange notices since 2 days

    2
    0 Votes
    2 Posts
    151 Views
    stephenw10S

    Try manually reloading the ruleset in Status > Filter Reload. See what errors are shown exactly.

    Steve

  • After a reboot I get this error in log.

    2
    0 Votes
    2 Posts
    127 Views
    stephenw10S

    Module/library errors like that are almost always because pfSense has pulled in newer pkgs somehow. Did you ever select the 24.08 update branch?

    Those could also be logged during an upgrade. Did you upgrade to 24.03 recently?

  • Advice needed, unable to get to console using keybord and display

    8
    0 Votes
    8 Posts
    259 Views
    stephenw10S

    It might be set to use the serial console as primary. It would usually show the console menu on both consoles if it boots correctly. You can try forcing the video console at boot:

    https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html#booting-with-an-alternate-console

  • 0 Votes
    3 Posts
    167 Views
    stephenw10S

    Yup we can convert that for you if you open a ticket: https://www.netgate.com/tac-support-request

    Otherwise you should be able to import the old config whilst checking the 'preserve switch config' option and then reassign the interfaces as the VLANs. But I would just open a ticket!

    Steve

  • The curl command is not working correctly

    33
    0 Votes
    33 Posts
    2k Views
    stephenw10S

    Hmm, well I'd try a packet capture on the tunnel and see if the download is being fragmented or there are retransmissions etc.

  • Trying to restore Device Key from old manual xml backup

    2
    0 Votes
    2 Posts
    119 Views
    stephenw10S

    It uses the ssh key which should be in the backup config.

    I assume you mean the ACB key? If you send me the NDI or Hint/Identifier in chat I can try to look it up for you.

    Steve

  • 4200 - LAN port flapping

    12
    0 Votes
    12 Posts
    425 Views
    stephenw10S

    As a test try just linking two ports together directly and then check the link state at the CLI with ifconfig -v.

    There shouldn't be an issue linking at 1G. You may have a bad port.

  • strongswanrc stop command?

    4
    0 Votes
    4 Posts
    197 Views
    M

    @stephenw10 Ah, I see. Thanks!

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.