@stephenw10

This worked like a charm! Thank you very much!

@emmaylots was having the same issue and can confirm that it works. Thank you!

I can confirm that the switches on the router mr8300 (or the router hardware itself) appear to be what is the cause behind the slowness when hardwired.

My first guess would be something stored in a saved login. Try using a private window in Firefox.

Huh, good to know. Thanks for the update!

Are the clients assigned interfaces? I would certainly expect to see those via the correct clients.

Do you see the gateways on the correct clients?

@johnpoz said in Static ARP Mapping:

So in general there is quite a bit of stuff going on with dhcp in general - also the move to kea version not supporting all features, etc. etc. I would hope they have all the issues worked out by next release.

I found out that it was really kea dhcp not letting go of leases that was the culprit. I have gotten rid of the static mapping.

@iSagen

Now it works! I had some NAT-rules ruining my setup. Deleted them and now it works.

:)

So it turned out that even under the leases section of the menu the old wifi router was listed as offline and inaccessible. I finally tried clearing my browser's history which did allow the browser to connect but there was a server error on the page. I then downloaded the new app that didn't exist when I bought the old router from Netgate back in 2015 and tried to use it to connect wirelessly to it after having reset it to factory settings. This was able to wake up the router I guess because I was able to access it through the browser finally, after having disconnected the pfsense router. I then set the old router to AP mode and it asked me to hook up the new pfsense router to the internet and then attach the new router to the old one and it worked. Thanks for everyone's help today. I really appreciate it. I guess I should have been using the dumb phone app for the old router a lot sooner but even a couple of months ago it was unnecessary. What a day lol

Well in that pcap it's just responding to Syn with Reset so it's refusing the connection anyway.

What interface is it using for replies though? How does in the state table?

Check the MAC address replies from the DC is using as destination. Is it actually sending them to the correct gateway to go back over the VPN?

What does the routing table on the DC look like?

On a hunch, I swapped the modem for one of the same model from my ISP. Problem is solved & I have GUI access once again. Chalking it up to coincidence with the modem failing at the same time NIC was replaced.

Thanks to everyone for your assistance.

@TMG Just note that with a bridge all packets between those computers goes through the router. So that could impact CPU usage on it for example, or network speed.

You mean you also couldn't connect to internal resources?

@firefox 1. boot environments, also less issues with cold boot resets. More stable filesystem.

@stephenw10 Good ideas.

Thanks all!

LRP 0

Ok so hit return to reach the CLI.

You can use bectl there to switch BE snaps if you're running ZFS. If you're running UFS you can run an fsck:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/filesystem-check.html#manual-filesystem-check

Hmm. Does it do it every time you visit that page? If you clear the php error is it regenerated?

@stephenw10 I didn't find any options in System/User Manager/Authentication Servers to keep them both configured but one enabled and one disabled.
I confirm that they both work if there is only one configured at time

@michmoor said in rate limiting / policer:

Shaper wizard

Yeah sorry, low on coffee. Same general idea though...

LAN outbound to *:443 limit 10 Mbps is one pipe.

LAN outbound to *:443 limit 10 Mbps with a mask of /32 is one 10 Mbps pipe per device.

"When a limiter is set for Source Address or Destination Address, the pipe bandwidth limit will be applied on a per-IP address basis or a subnet basis, depending on the masking bits, using the direction chosen in the masking."

@Gertjan Munin... haven't seen that in a long time!