The reason I put in the feature request.. No you wouldn't see it if just setting up via wizard, etc..  It comes into play when adding opt interfaces, etc.  The mask is a drop down list - has to default to somewhere ;)  Defaulting to the end of the list seems to be just the way it normally happens.

I do concur that the most common mask used as default might eliminate such new user mistakes..  But when it comes down too it, user has really nobody to blame but themselves - when setting up a static IP on an interface they for sure should be checking and understanding what mask they want to set on the IP…

Part of the problem is just users that don't really understand.. Just take a gander at how many posts you see where users have set the default mask on say 10/8 or 192.168/16 etc.. ;)  And trying to make it kind of idiot/mistake proof while also allowing for more complex sort of setups, etc.

Refresh hardware watchdog timer Watchdog2 in pfSense via IPMI:
https://lexxai.blogspot.com/2017/09/watchdog2-pfsense-ipmi.html

@neteffectcafe:

Wow. 1000 bucks to figure out why one ISP doesnt work while the other does.

Think you are wording here is a bit off..

Its not 1000$ for this one thing.. Its $948 for a year of support.. Not just the 1 thing your currently have issue with.. My guess if you can not figure out this one thing - there are prob going to be other things as well you have problems with ;)

"I dont know how to do that. "

For how to open up the web gui via your wan.. Yeah I am guessing you would be on with support quite a bit ;)  So that $1k for a year will prob cost them money.. heheeh… If you pay for 3 years upfront price comes down to 700$ year..

Is this pfsense hardware, ie netgate purchased before May 31, 2017, and not yet a year then you could use your 2 support instances that came with the hardware before they moved over to the support bundles..

So I have the domain as localdomain

when I open a browser & type n40l.localdomain it doesnt work.

The N40L has a DNS as the PFsense box, the DHCP lease shows the host as N40L.

Thanks Grimson for the pointer.

I deleted all sarg* files in /usr/local/pkg and in  /usr/local/www

In addition, I cleansed all /cf/config/config.xml from all related <sarg>entries

seems that the issue is solved.

Thanks again.</sarg>

It doesn't seem like it was intended.. anyhow probably better to continue on the other thread: https://forum.pfsense.org/index.php?topic=138876.msg759070#msg759070 if new information becomes available..

https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

If that is not enough you will probably have to post what you have done. As in screen shots.

ok, got it figured out how to prevent the error:

you must use the –nosubshell parameter when starting mc

to get a clear view on my screen I also changed the configuration of the putty session to use characterset CP437 to show nice linedrawing instead of characters (Window - Translation - Remote character set)

I agree with you that lots of conventions change with ipv6.. Running multiple layer 3 on same layer 2 is not one of them ;)  The whole thing with dual stack is just really a necessary evil during the transition period between the 2 different IP protocols ipv4 and ipv6..

I wasn't even thinking of dual stack.  The sooner we move to IPv6 the better.  However, it wasn't that long ago many networks were dual stack IPX & IPv4.  When I was at IBM, the first time I worked there, I had IPv4, NetBIOS and SNA on a token ring network.  The 2nd time I worked there, it was all IPv4 on Ethernet.

@maverick_slo:

Wait, was pppoe connect with "." vlans been fixed in 2.4.2?

Yes.

@machinery
I just saw that you posted the log from the 11th connect attempt. Please see if you can find the first one and post it. It's not uncommon for ISPs to ignore consecutive login attempts after a few failures, your log looks just like that.

You can try to disconnect the pfSense box from the modem, check that PPPoE password and username are correct, wait an hour or so and then try again.

Another possibility:
If your ISP isn't validating connections based on the username/password combination but based on the port id in the DSLAM, and you made the first connection from the Linux computer, then it's possible that it (for a time) expects new connections to come from the same MAC address. Similiar to how cable works for many ISPs. In that case you can try to use the MAC from the Linux computer for the PPPoE connection on the pfSense.

Thanks, it worked, had to make 2 static routes bacause i can only select 0.0.0.0/1 in static routes so i made a anoter entry with 128.0.0.0/1 and updates began working.

When you say reboot the router you mean pfsense?  Or something in front of pfsense?  Your AP?

What is not working for internet access?  Dns.. Can you access pfsense?  What does pfsense show for its wan connection?  Did it loose its lease?  What do the logs in pfsense say?

You say modem, did you mean router?  What device is that - is that what your rebooting?

Need some more details of exactly what your rebooting and why without doing any sort of troubleshooting to what exactly is not working..

marjohn56, I whish I read your message before buying a Vigor 130… Apparently my problems are not over:

https://forum.pfsense.org/index.php?topic=139000.0  :'(

@KOM:

Squid is not geo-aware.  I don't use pfBlocker but it does have a geo database so you will have to figure out a solution using pfBlocker.

I dont need it to be.  I just want it to obey the LAN rules which it doesnt.  LAN rules simply are bypassed by anything going through squid.

Thanks for your reply.

I'll come up with a proper reply but right now I am really busy and don't have the time to get into all the things you bring up.

I'll come back to it in a few days.

Approximately one year after 2.4.0-RELEASE, so October 2018.

I see - I've never entered the wan IP unless it was a VM and I had no lan access so I did no know that.  I've learned something new.

Yeah the simple way to run multiple dhcp is just have them hand out different blocks..  But there are much better ways to do it where the dhcp servers exchange the leases so, etc.  Sure you could run pfsense via carp to do it.  But you can also set it up on other systems like MS latest server versions dhcp has added a lot of dhcp failover and redundancy features.