• Routing or FW rule(??) 255.255.255.255 (Sonos) requests from WLAN to LAN

    0 Votes
    6 Posts
    2k Views

    Avahi is only for mDNS discovery, not for generic broadcast protocols. If Sonos products use or can be made to use mDNS it should work with avahi.

  • Reset interface counters without rebooting

    0 Votes
    1 Posts
    329 Views
    No one has replied
  • Plex keeps changing from nearby to indirect

    0 Votes
    9 Posts
    6k Views
    MikeV7896

    First, I wouldn't enable NAT Reflection on a global level. It can be set for each NAT rule individually, and that's how I would do it as not everything needs it. I do have it enabled for my Plex port forward, and have found things to work seamlessly with it this way. It's actually required for Sonos to be able to access Plex because of a limitation in Plex's Sonos implementation.

    Using the custom setting for DNS Rebinding would be a good idea too. I also have this set in my DNS Resolver settings. There is also a setting for DNS Forwarder (dnsmasq). Both can be found here.

    And if you're forwarding DNS to OpenDNS or somewhere else that blocks DNS Rebinding on its own, a domain override for the plex.direct domain would be good too, though I'd override with Plex's own DNS servers instead of using another DNS provider to remove a variable from the equation.

  • Making the internal root ca offline

    0 Votes
    9 Posts
    1k Views

    @Harvy66:

    @purduephotog:

    @johnpoz:

    Dude I understand what a CA is… But we are not talking a public freaking CA.. We are talking a CA that creates a handful of local certs.. Which sits on his firewall - which is pretty freaking close to locked room!!

    Yeah, sorry about that.  I'd been explaining crypto all day to people at work that couldn't understand what was being done.  I got into a lecturer mode.

    Still, could make the root CA on a new or different HD or even a bootable USB stick, do the work, export the certs, then pull the stick.  That's pretty secure too.

    I know the feeling. Every so often we ask another company to send us their public key and they send us their private+public key pair where their private is a wild-card EV cert from Verisign.  It saddens me so many don't understand such basic concepts.

    I got another nice one. A large org (about 100B usd yearly turnaround) gave us the public key for their root and sub ca:s. The only problem? Their ca:s had 50 year lifespans and no CRL paths specified…

  • NTP disconnect issue

    0 Votes
    5 Posts
    1k Views

    Why don't you just have the NTP server listen on all LAN interfaces? Why only one?

  • Send an email when the gateway falls

    0 Votes
    7 Posts
    2k Views

    Are you not using gateway groups? It's a standard pfSense notification whenever a gateway in a gateway group goes up or down:

    TMOBILE_DHCP is down, omitting from routing group FIOS_to_TMOBILE
    8.8.8.8|192.168.0.254|TMOBILE_DHCP|982.895ms|1995.669ms|0.0%|down

  • Windows Remote Desktop

    0 Votes
    3 Posts
    613 Views
    Gertjan

    Hi,

    Read your write-up 5 times.
    At best, it's not very clear.

    What is a "Plex server" ?
    "Plex is running on a Server 2016 VM hosted on a Server 2016 box" AND "I am in the same LAN as the server and have tried different RDP clients and different devices." In this case, pfSense isn't used at all, you could even shut it down. RDP will work.
    I have my 2008R2 on my LAN, and can connect to them from any other PC device on the same LAN. No traffic is 'touched' by pfSense in this case.

    One of my Windows 2008R2 can be accessed from the outside (Internet) using RDP. A simple NAT rule on pfSense will do the trick.
    Don't know what NAT reflection is.

    I guess you have a VM setup issue here.

    Btw : check your keyboard. At least one key is broken.

  • Second Lan network same interface

    0 Votes
    45 Posts
    9k Views
    Derelict

    Everything I am doing is 2.4-RC on a XenServer VM. I have no reason to believe 2.3.4_1 on a physical would be any different.

  • Resetting MAC address to NIC real address.

    0 Votes
    5 Posts
    2k Views
    KBrownConsulting

    Sorry for reviving an old post but I just ran into this same issue on my newly purchased SG-4860 running 2.3.4-RELEASE-p1

    This doesn't seem very intuitive & seems like it could potentially cause some unexpected & problematic behavior if someone deletes a LAGG & then tries to use the ports individually without being aware of this "functionality".

    The reason being, when you assign interfaces to a LAGG, they all are given the same MAC. The potential problem (and definitely unexpected behavior) is that after removing the interfaces from the LAGG they all retain the same shared MAC!

    In the attached screenshot you'll notice that igb4 & igb5 have the same MAC. That's because they were assigned to the same LAGG at one point & then removed. This was definitely not expected behavior & took me a while to figure out why it had happened since I had never manually set a spoofed MAC on the interfaces directly.

    Is this behavior really functioning as intended?

    Interfaces.jpg

  • [SOLVED] mfi0 fail to get command

    0 Votes
    3 Posts
    2k Views

    I had to add the line in /boot/loader.conf

    hw.mfi.mrsas_enable=1

  • VPN and AES-NI

    0 Votes
    2 Posts
    834 Views

    I can not give you any scientifically sound information on it (Steve probably can), yet, I am using VPN with a Celeron without AES-NI, to download usenet movies, and I have 150 Mbit down, so I think the lack of AES-NI is not a performance problem.

  • Statement CAM status: Uncorrectable parity/CRC error

    0 Votes
    2 Posts
    3k Views
    jimp

    Unfortunately that could be anything. It could be the drive itself, the cable, the port on the motherboard/controller, even drive firmware and not a hardware fault.

    Check Diagnostics > SMART Status, see if anything looks out of sorts there in the 'All' output for the drive. Maybe even initiate a test and see if it finds anything.

    If it's a SATA disk, swap the cable out and try a different SATA port on the motherboard.

    If that doesn't help, it probably is the disk.

  • Bug report 2.3.4-Release-P1

    0 Votes
    2 Posts
    379 Views
    jimp

    The crash report you attached indicates a filesystem issue. The LAN address part might be related, it certainly does not sound like any problem I've heard of unless you had an IP conflict or overlapping networks.

    To fix the filesystem crash, use the console and boot to single user mode. Then run "fsck -y /" a few times until it does not find anything, don't stop when it claims to be clean. It may take 3-5 times.

  • MultiWAN - Separate LAN segments to designated WAN interface

    0 Votes
    10 Posts
    874 Views

    Is this how you do that?

  • Remote FTP access SOLVED

    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Odd blocked traffic on Pfsense Azure appliance

    0 Votes
    4 Posts
    1k Views

    Hi,

    Had the same problem yesterday. It's gone now, I have changed the topology a little bit.

    New topology:

    VNET: 10.17.0.0/22 (3 subnets)
    pfsense wan interface: 10.17.0.4/24
    pfsense lan interface: 10.17.1.4/24
    pfsense default gateway (azure): 10.17.0.1
    pfsense lan gateway (azure): 10.17.1.1
    client subnet: 10.17.2.0/24
    pfsense static route: 10.17.2.0/24 --> 10.17.1.1
    azure user defined routing (udr) bound to client subnet 10.17.2.0/24:
    0.0.0.0/0 --> 10.17.1.4
    10.17.0.0/22 --> 10.17.1.4

    Regards,
    Martin

  • Connect to OPT1

    0 Votes
    9 Posts
    1k Views
    johnpoz

    dude that is a borked setup.. sounds like you're running 2 layer 3 networks on the same layer 2..

  • Switch purchase advice

    0 Votes
    10 Posts
    1k Views

    @johnpoz:

    But there is an old saying "Nobody ever gets fired for buying cisco" ;)

    … or IBM :)

  • MOVED: https in squid log without man in the middle

    Locked
    0 Votes
    1 Posts
    198 Views
    No one has replied
  • PfSense system crashed and stuck

    0 Votes
    2 Posts
    431 Views
    stephenw10

    That sounds like a hardware problem. If when it reboots you see a crash report there may be something you can do. Otherwise check the system log for errors.

    We would need to see where it stops in the boot process to know any more.

    Steve

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.