• NTP problems

    20
    0 Votes
    20 Posts
    4k Views
    R

    I will try that later because I really can't now.
    Thanks for helping

  • Not Updating Dynamic DNS

    9
    0 Votes
    9 Posts
    5k Views
    K

    If you didn't have the problems you encountered, I'd have been very worried.

  • Trouble obtaining DHCP lease from ISP

    6
    0 Votes
    6 Posts
    2k Views
    N

    Figured it out… it was something so basic as flushing dns on the pfsense box.  :-[

  • Recording detailed web traffic

    4
    0 Votes
    4 Posts
    1k Views
    E

    Try the "urlsnarf" package, it's run from the command line but you could output it to a log file.

  • Pfsense update notifications?

    5
    0 Votes
    5 Posts
    2k Views
    R

    Thanks :). subscribed to the mailing list.

  • Constantly getting "500 - Internal Server Error" with 2.1

    4
    0 Votes
    4 Posts
    2k Views
    K

    Thanks BBcan177

    I clear cache on Chrome and there is no 500 error.

  • NOOB Help!! webconfigurator port affects my port forwarding

    10
    0 Votes
    10 Posts
    2k Views
    stephenw10S

    Easily done.  ;)

    Steve

  • Mount HDD as RW at boot on embedded pfSense

    2
    0 Votes
    2 Posts
    2k Views
    stephenw10S

    So you're booting from the CF card with a Nano image on it, yes?
    Two issues. Nano doesn't use the fstab to mount the filesystems. The Nano image disables DMA so disk access is slow. Fortunately others have been here before you.  :) Have read through this thread:
    https://forum.pfsense.org/index.php?topic=67823.0

    Steve

  • Fibre Slow after connecting firewall

    2
    0 Votes
    2 Posts
    712 Views
    stephenw10S

    That sort of restriction I would be looking for a connection issue, probably a duplex mismatch. Check the Status: Interfaces: page for errors.

    Steve

  • Possible to roll logs?

    5
    0 Votes
    5 Posts
    1k Views
    C

    You're right.  Looks like it's rolling 500KB log files!  Thanks!

    @stephenw10:

    The pfSense logs are already kept in a rotating format with a fixed size. I wouldn't have thought it would be that difficult to increase that size. Not tried it though.

    Looks like they're generated here in /etc/rc

    DISABLESYSLOGCLOG=`/usr/bin/grep -c disablesyslogclog /cf/conf/config.xml` ENABLEFIFOLOG=`/usr/bin/grep -c usefifolog /cf/conf/config.xml` LOG_FILES="system filter dhcpd vpn pptps poes l2tps openvpn portalauth ipsec ppp relayd wireless lighttpd ntpd gateways resolver routing" for logfile in $LOG_FILES; do if [ "$DISABLESYSLOGCLOG" -gt "0" ]; then /usr/bin/touch /var/log/$logfile.log else if [ ! -f /var/log/$logfile.log ]; then if [ "$ENABLEFIFOLOG" -gt "0" ]; then # generate fifolog files /usr/sbin/fifolog_create -s 511488 /var/log/$logfile.log else /usr/local/sbin/clog -i -s 512144 /var/log/$logfile.log fi fi fi done

    There is a package for running a syslog server on the pfSense box you might also look at.

    Steve

  • LAN dropping it's Assigned IP address.

    15
    0 Votes
    15 Posts
    2k Views
    I

    Ah, I decided to go with a different board actually guys.. (I posted that earlier.) But I do intend on getting this board for myself. It's just such a beautiful board and would make such an amazing pfsense box that I want to give it a shot in my free time. :D But I will be broke for a while..

  • Not able to block PING to an AP

    21
    0 Votes
    21 Posts
    3k Views
    N

    Hi Guys,Thanks for your advice !

  • HELP: Dual CARP/pFSync pFSense Routers + Multi-WAN + LAN + VoIP-Hybrid

    1
    0 Votes
    1 Posts
    622 Views
    No one has replied
  • 0 Votes
    5 Posts
    1k Views
    A

    interesting… :)

  • Get Internet through WAN and VLAN

    4
    0 Votes
    4 Posts
    869 Views
    I

    Thank you all for Answers!

    But may be no need to use VLANs at all. Get the config file form the old GW and don't see any VLAN configurations there. May be ISP admins think that they have active VLAN.

    First Ill tray IP configuration without VLAN.

  • How to setup WiFi on pfSense router

    4
    0 Votes
    4 Posts
    2k Views
    E

    I'm moving this thread over to here.

  • [SOLVED] VLAN treachery - DHCP Addresses but No Internet Access

    10
    0 Votes
    10 Posts
    4k Views
    T

    @Derelict:

    You can't use 10.0.0.0/8 and 10.X.X.X/16. those subnets conflict.

    facepalms  Doh, I knew I forgot something.  I've given the non-VLAN'd LAN 10.0.0.0/16 and left the rest as it was, and tweaked the config on the switch itself so it has the right net mask.

    Anyways, weird discovery: Apparently there was a static DHCP assignment that got added for the client system and somehow THAT broke VLAN routing of information.  Either that, or dhclient decided to go and break itself.  It looks like the issue might've been related to that, because now data's being routed correctly.  shrugs

  • VLAN

    10
    0 Votes
    10 Posts
    2k Views
    DerelictD

    @AIMS-Informatique:

    Why are you telling him to switch from trunk to general

    This is due to the way some switchs understand and handle this spécific Trunk mode. And no, Trunk isn't like general, as a Trunk would assume to carry and forward all VLANs, even thoses not configured. So the behavior of a Trunk is slightly different. Generally a Trunk config will be necessary if you plan to enable GVRP.
    Plus, for my point of view, it is better to know your network and set up only what needed.

    It is true that ciscos switchports in trunk mode can carry all VLANs, but you can also limit them only to specific VLANs with "switchport trunk allowed vlan add XXX,YYY,ZZZ" like I described. This has the effect of making the trunkport only forward traffic for the allowed vlans and discarding any received frames tagged for unconfigured VLANs.

  • Authentication based routing

    2
    0 Votes
    2 Posts
    769 Views
    A

    Yes you can. This is called Squid + SquidGuard as PF packages.

    Good luck.

  • No connection on DMZ

    15
    0 Votes
    15 Posts
    3k Views
    A

    Mark,
    You are not displaying the good RULE interface. What you need for playing, is INCOMMING connection. What shows your DMZ tab in your FW rules are your OUTGOING trafic (pass or block).
    On your WAN tab, specify an allow all rule to DMZ subnet destination. So that your DMZ play its role : being demilitarized…

    I'm afraid you will have to deal with AON to... (manual NAT). Unless you struggle with port forwarding from each of your game support (Nintendo / Sony / steam...), and configure the good ports to be forwarded for each service.
    Believe me, you'de better work on Manual NAT (and static ports) rather thant seeking for editor's information about port forwarding.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.