Yup, that. But also I'd consider ssh with key only more secure if you're going to open anything.

I've never used that 3rd party API so can't offer anything there.

Yup you will see it everytime any log rotates. So you can mitigate it by increasing the log file sizes or reducing what is logged in whichever log is rotating.

@stephenw10
Thank you for the clear response.
It's a shame it's not a priority, given the criticality of its use.
I see messages requesting it from over 10 years ago. It's no longer a matter of priority; it's a choice :)

@stephenw10 Thank you kindly for the prompt response!

Ehh it didn't bug me too, too much. I looked at my backup xml I downloaded and saw that it wasn't listed in gateways:

902d73f9-e005-40e7-9300-f286dbde4773-image.png

I thought it was my fault because I DID create a couple of gateway but I deleted and created new ones. My OCD was not liking how I named the deleted gateways!! ;)

Thank you again! Have an awesome weekend!

Have you just applied an update? To what?

When it stops you actually lose link? No LEDs on LAN1 on the 4100?

Can it be restored simply by unplugging and reconnecting the link cable without clearing the DHCP leases?
The DHCP server shouldn't make any difference to a NIC link like that.

What do you see logged when you get back in?

What link speed does it usually connect at? Is the link to the switch via a long cable?

I would guess this is a link negotiation issue with the switch in some way.

Steve

Thanks did some checking and all IP's are being assigned from the firewall. I have an Ubiquiti switch behind the firewall where I am looking to see if that is the issue there. Thanks for the feedback.

@viragomann @mer thanks folks, that was in fact the case.

you have to add a rule in wan to allow...

65762eb4-ba3f-4ff2-9d7a-5d305d84084a-image.png

## External Network ext_ifname=igc0 ext_perform_stun=yes ext_stun_host=198.100.144.121 ext_stun_port=3478 ## Internal Network listening_ip=bridge0 ipv6_disable=yes allow 1024-65535 192.168.1.0/24 1024-65535 deny 0-65535 0.0.0.0/0 0-65535 bitrate_down=512000 bitrate_up=1024000 ## UPnP Settings anchor=miniupnpd enable_natpmp=yes enable_upnp=yes secure_mode=yes min_lifetime=120 max_lifetime=86400 system_uptime=yes notify_interval=60 clean_ruleset_interval=600 packet_log=yes uuid=fb241e30-9c00-11ee-xxxxxxxxxxx serial=CA0A9DD5

db87680c-23fb-4b12-b5c4-4d1bdbc68a67-image.png

@panzerscope I had to go back to a previous configuration. I know I could have edited the config file, but I had a recent config and that fixed t he problem. I did have success in the past with a reinstall, but it doesn't always work.

ovpnc3 is a client interface. It would be named ovpns3 if it were a server.

However the issue here is probably because one side is set as net30 topology and the other side is set as subnet. Both should be subnet in recent versions of OpenVPN really. Net30 is the older default.

@stephenw10 said in Pfsense + Upgrade Offered on CE Dashboard:

If it's really a problem I can manually remove your NDI. But that doesn't scale! 😉

No that's fine thanks. As long as it's expected behaviour then it's good 😀

@Dobby_ Hi again😊
Everything was like you show - but with the risk of sounding like a broken recored if squid is being fased out what is the point?

bookie56

@dhenzler said in pfSense HAproxy system adjustments need a shell command:

tune.ssl.default-dh-param

Does that exist without a value? Or with a value too low?

What do you have set for it here?
Screenshot from 2024-04-10 04-00-44.png

Steve

@stephenw10
I will attempt to find.

You don't have to run a controller at all, the AP can be configured from a phone app. But there are some features that do require a controller running so most users do.

@stephenw10

Just an update for you stephen. ATT offered to replace the att gateway (router). I didn't think it would help/hurt so i ended up replacing it. Ill be....
Its been stable for well over a week.
Replacing ATTs equipment ended up solving the "issue". Why? I dunno.
Why did a bad gateway ended up crashing my 6100? I dunno.
Its fixed tho..... yay.

@stephenw10 thanks, I happened to come across that last night and it works good.. my only concern is when I updrade to a 6ghz band access point then I would need to move over to wpa3 and that does not support PPSK (as far as I know). I am just trying to see what method should I move forward with.