Thanks. That did the trick.

SSH is useful for troubleshooting, transferring files, and restarting the webgui if for some reason it stops responding.

You can block both (webgui/ssh) to only be accessible from a management network, that would prevent all possible exploits in those services as to exploit either someone would need to be able to send it at least some 'malicious' packet..

@DeLorean full version on USB should work fine, just make sure to enable memory disk for /tmp and /var.. Anyhow its the only choice going forward with 2.4..  https://forum.pfsense.org/index.php?topic=121255.0

The SYN retransmit looks like there is nothing accepting the connection.. Would think nginx aint running then..
Can you try when the problem occurs?:

Then while trying to access the webgui:

Anything special configured/installed? bridge/HA/squid/snort/suricata/other? Any portforwards that might be preventing traffic reaching the webgui?

@a_thiha:

…. I reinstalled pfsense.

Version 2.2 ???????????

Thanks guys. When I get home I'm breaking out the coffee & starting the process of chasing where the config is broken

–-
Edit: I got home & you were correct it was a configuration issue. Embarrassingly I setup my static IP  incorrectly on the WAN side. I've corrected the configuration & everything is working now. Kicking myself for looking at that 4 times & missing that the subnet was incorrectly configured.

Appreciate your help & patience

Is this Sierra?
My first idea - don't use PPP. Not sure that the drivers for other modes (qmi, mbim) are available on FreeBSD though.
I'm currently using Sierra's EM7455 on Openwrt based router.

@barbatrukko:

@Gertjan:

You checked this : https://doc.pfsense.org/index.php/Executing_commands_at_boot_time ?
Or this : the Cron package ?

Hi,
the first link is about "boot time" and is not what I want: i want that all days at some time system execute a command.

The /etc/crontab file is constructed at boot time.
Use the info found here https://doc.pfsense.org/index.php/Executing_commands_at_boot_time to "add" your own lines. The will last because the file only gets created ay boot time.

why would something that is local to 1.2.3 even talk to pfsense to talk to something else on 1.2.3..

"Now we have lots of App and Links with us from long ago configured with IP 1.2.3.5"

You configured stuff to use an IP and not a FQDN??  Yeah fail for sure..

You do understand that a machine especially a webserver for example can have more than 1 IP on the same network right.. So your new server can have 1.2.3.4 and 1.2.3.5 and serve up stuff on port 80 for either of them..  Your server could serve up http (80) on hundreds of different ips if you wanted too, etc..

What you should be doing is redoing all your stuff that have a hard coded IP in them..  This is just bad bad bad idea all the way around!!

Well…
Something booted from something. FreeBSD is present on a drive .....
Btw : before the BIOS even knows it HAS drives in the system, it menu is accessible. The method of accessing has nothing to do with FreeBSD or pfSense. See the bios manual for the procedure.

When the USB booted (the pfSense pre installer) , AND it recognizes a disk where it can install TO, then the install menu will be shown. This menu will offer you to empty your SSD drive .
Of course, if these conditions aren't met, nothing will ne shown ... because nothing can be done.

Would seem this is a known FreeBSD bug, and has been fixed in pFsense 2.4 beta release available now.

https://forum.pfsense.org/index.php?topic=119497.0
https://redmine.pfsense.org/issues/6949

Hi NogBadTheBad,

Thanks for your information. I forgot to inform you for my pf. My pf is running on vmware and now I was fixed this issue.
For my setting on my vm host I have cofigure vlans to an interface and enable "route based on the originating virtual port ID" also setting lan to vlan id to 4095 finally setting port switch to tagged.

Thanks.

First make sure you enable ssh and can login to pfSense that way with putty or similar.
This can be used to test the script command.

Then maybe you can use winscp to upload a file or diagnostics/editfile
Store it in /root/ or something.. as /tmp/ will be wiped on reboot.
Likely need to make the script executable: chmod +x
Then with ssh you can try to run it (or under diagnostics/command and hope it doesnt hang the webgui)

Then cron package might be able to run it every hour or something..

There are likely lots of ways.. But maybe above general thoughts help a bit :)

Oh, whoops, the speed was set incorrectly(9600).  Thanks, heper.  I'll try 115200 when I get some free time.

Thanks!

Well, I never got my Bridge to work, but I ended up not needing a bridge at all.

I was able to simply assign the last usable IP of my /25 block to my VLAN5 interface and then use it as a gateway on all of my servers with manual outbound NAT.

Works great now!

I'm kinda blown away out of the dozens of hours of research I didn't find a single thread suggesting this implementation.

Thanks a lot to TandyUK in #pfsense on freenode.