• Where are .iso (not .iso.gz) download files?

    11
    1 Votes
    11 Posts
    1k Views
    johnpozJ

    @denitrosubmena said in Where are .iso (not .iso.gz) download files?:

    upload files from your computer because they dont want risks

    How does that in anyway mitigate risk?? I just serve up my "risky" iso from my machine, or anywhere else on the planet - like some cheap vps, etc.. With for example the tiny little exe that was linked to that provides a http or https server, hfs

    Now if they did something that checked that hey the https url is to a legit company that provides distros ok maybe it some very slight risk reduction..

  • Cockpit is not reachable via HAProxy

    2
    0 Votes
    2 Posts
    330 Views
    S

    Well Ok, I resolved it.

    The backend for cockpit (port 9090) must be encrypted. And the only acceptable healthcheck is Basic.
    Also, once the backend is updated, I had to change its name and reallocate it to the front-end rule with the new name. There must be an issue with the cache.

  • 0 Votes
    6 Posts
    212 Views
    stephenw10S

    For reference one other thing you could have tried there would be to run at the CLI:

    pfSsh.php playback generateguicert

    That should create a new cert and assign it to the webgui.

  • Kernel Panic on pfSense+ 24.03-RELEASE

    19
    0 Votes
    19 Posts
    1k Views
  • Laggy/High Ping Game Hosting

    14
    0 Votes
    14 Posts
    1k Views
    T

    @stephenw10
    The ping graph is on a 500/100 connection. Each of my players connected to the game server use 250kb/sec so even on a busy night, I'm maybe using 5mbit of WAN and on my 100mb upload, that shouldn't cause any saturation. I'm sorry the Netgate 1100 doesn't have the horse power required for 5 friends to play games.

    Thank you for your time and feedback. I don't think this product is strong enough for a home network, I'll look for a more powerful router.

  • freeradius and local auth

    3
    0 Votes
    3 Posts
    104 Views
    P

    @Gertjan hi sir

    noted on this sir and thank you.

    cheers

  • This topic is deleted!

    1
    0 Votes
    1 Posts
    16 Views
    No one has replied
  • What is the best way to protect this network?

    Moved
    5
    0 Votes
    5 Posts
    225 Views
    GertjanG

    @meowmere said in What is the best way to protect this network?:

    but what does pfSense do in the background to prevent outsiders from entering the network, how do they work exactly?

    Dangerous question.
    As it shows that you don't know what a firewall is.
    pfSense, or the firewall used by the router from your ISP, or any other firewall (router) out there, behave the same way.
    IMHO, the fastest way to understand what happens, what this is, a "statefull firewall", install "Youtube", search for "what is a state-full firewall", hit enter, select the videos that have 'zillions' of likes, watch them all, and done.
    Be aware, a couple of decades ago you had to visit Havard to know what you know now.
    It's as easy as that.

    How do they filter outbound and inbound data?

    Everything initiated from the outside, also known as the Internet, is blocked.
    Everything initiated from the inside, also known as the LAN, is passed.

    With you doing nothing more, without changing any settings, without you activating any pfSense "gadgets", if the LAN users behave as real adults, you're job is over.
    Keep in mind : it happens a lot : the real security problem of a network can be the admin itself, because he doesn't know what he is doing - or worse, he thinks he does ....

    @meowmere said in What is the best way to protect this network?:

    I am in desperate need of information

    Not that hard to find.
    Half the planet is now hooking up his home, small company or what ever else to the Internet.
    Everybody has the same question.
    The most discussed subject on the Internet is ... not the new car of the neighbor, or who win the elections, but Internet itself and everything related.
    It's like playing chess. There is no short cut, not brain implant possible, no miracle solution.
    It's the good old ancient process : you have to take some time, sit down, and learn.

  • Wan DHCP to PPPOE problem

    19
    0 Votes
    19 Posts
    511 Views
    stephenw10S

    Ah, nice! 👍

  • New 4200 slows down periodically

    4
    0 Votes
    4 Posts
    214 Views
    stephenw10S

    Ah, yes. Disabling ntopng as a test is what I would recommend.

  • Hardware lifetime pfSense+ instead of yearly costs

    8
    0 Votes
    8 Posts
    763 Views
    stephenw10S

    Ah, I see. Well better going forward then at least.

  • 0 Votes
    3 Posts
    136 Views
    S

    Hi,

    Thanks for the advice.
    I was looking around and found that WAN_COMCAST_DHCP was somehow still in a Firewall Rule for OpenVPN.
    I updated that rule to the correct gateway and I have not seen the error anymore.

    Cheers!

  • Routing to 192.168.100.1 (cable modem) across pfSense WAN interface

    15
    0 Votes
    15 Posts
    1k Views
    K

    @johnpoz I don't think it matter now either, because I changed the mask to 192.168.100.0/24 and Virtual IP to the same and it works. I think the web interface on the Hiltron CODA56 running SW Version 7.3.5.0.1b5 seems like its goes unresponsive. I rebooted the modem and the web interface was back. Seems like they had issue with older code, but pfsense is working as it should.

  • SG-3100 - firewall choked on empty config.xml

    5
    0 Votes
    5 Posts
    251 Views
    stephenw10S

    Nope that's the only location on the firewall It will save up to 30 backup configs. It makes a backup any time you make a config change.

    You can restore a backed up config file you have locally in Diag > Backup / Restore.

  • Pfsense Access Interruption

    14
    0 Votes
    14 Posts
    620 Views
    stephenw10S

    And what error did it show when you tried to ping? Just timed out? No route? TTL expired? Network down?

    If ifconfig shows the NICs as still linked and it has a valid route still then I would expect it to try to send traffic to the gateway. If the virtual NICs just stopped passing traffic then it will fail to ARP for the gateway and show an error related to that. However if it can still ARP for the gateway then that's probably some network config issue.

  • Add MatterMost notification

    2
    0 Votes
    2 Posts
    170 Views
    stephenw10S

    Nothing that I've seen. You can add a feature request: https://redmine.pfsense.org/

    Steve

  • 0 Votes
    3 Posts
    169 Views
    M

    I found solution for me, I rebooted.... then internat came to my LAN

  • Hardware for AT&T fiber

    12
    0 Votes
    12 Posts
    614 Views
    stephenw10S

    Try setting the monitoring IP to something external, it will give you better data anyway.

    Edit the gateway in System > Routing > Gateways. Try using 8.8.8.8 or 1.1.1.1 etc.

  • Adguard on different networks

    6
    0 Votes
    6 Posts
    408 Views
    stephenw10S

    Yeah it would need to support that specifically. Otherwise you could probably run two VMs for example.

  • Feature Suggestion: Set Firewall Alias in Static Mapping

    5
    0 Votes
    5 Posts
    215 Views
    Bob.DigB

    Sounds good to me.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.