@vmsadmin said in WAN offline after reboot from local power outage:

However, from the pfsense VM, the private IP addresses on our LAN can be pinged including its own static address at xx.xxx.xxx.118

You mean xx.xxx.xxx.118 as the source? Since your LAN side seems to be using 10.1.X.X?

This looks like some low level disconnection. If you try to ping xx.xxx.xxx.118 from the other router and run a pcap on the pfSense WAN do you see anything ariving at all?

@cheezycat said in 2.7.2 hacked? Chinese characters/code in TONS of files. Persists even after fresh installs.:

These files are not normal, right?

If further doubt : Throw "what is entropy ?" into Google and take the first page proposed : It was https://en.wikipedia.org/wiki/Entropy for me.

[ joke ahead ]

Knowing this, it's time for drastic measures :

@cheezycat said in 2.7.2 hacked? Chinese characters/code in TONS of files. Persists even after fresh installs.:

What are some immediate steps I can take to secure my network?

because you have probably several zip files on your PC or phone : take it down, and reformat it straight away, as you will find the same hieroglyphs in there everywhere. Even worse, all these files like DDL, EXE etc etc are all very suspect !

[ end joke ]

Keep this one on a post-it nearby : the only imminent danger is close : it's the admin himself ^^

Still, I'm curious. For all the files you can 'see', why did you chose entropy ? Or .rnd ? What / who told you to do so ? With what goal ?

Well there have been several fixes for similar crashes that have gone in since 2.6.

If you get another crash check it has the same backtrace. If it's completely different it could be a hardware issue.

@stephenw10 Ok, no idea what is going on but it is all working now. It could have been the DNS Propagation even though I changed everything over on Thursday night! Thank you once again for your help.

Yup, that. But also I'd consider ssh with key only more secure if you're going to open anything.

I've never used that 3rd party API so can't offer anything there.

Yup you will see it everytime any log rotates. So you can mitigate it by increasing the log file sizes or reducing what is logged in whichever log is rotating.

@stephenw10
Thank you for the clear response.
It's a shame it's not a priority, given the criticality of its use.
I see messages requesting it from over 10 years ago. It's no longer a matter of priority; it's a choice :)

@stephenw10 Thank you kindly for the prompt response!

Ehh it didn't bug me too, too much. I looked at my backup xml I downloaded and saw that it wasn't listed in gateways:

902d73f9-e005-40e7-9300-f286dbde4773-image.png

I thought it was my fault because I DID create a couple of gateway but I deleted and created new ones. My OCD was not liking how I named the deleted gateways!! ;)

Thank you again! Have an awesome weekend!

Have you just applied an update? To what?

When it stops you actually lose link? No LEDs on LAN1 on the 4100?

Can it be restored simply by unplugging and reconnecting the link cable without clearing the DHCP leases?
The DHCP server shouldn't make any difference to a NIC link like that.

What do you see logged when you get back in?

What link speed does it usually connect at? Is the link to the switch via a long cable?

I would guess this is a link negotiation issue with the switch in some way.

Steve

Thanks did some checking and all IP's are being assigned from the firewall. I have an Ubiquiti switch behind the firewall where I am looking to see if that is the issue there. Thanks for the feedback.

@viragomann @mer thanks folks, that was in fact the case.

you have to add a rule in wan to allow...

65762eb4-ba3f-4ff2-9d7a-5d305d84084a-image.png

## External Network ext_ifname=igc0 ext_perform_stun=yes ext_stun_host=198.100.144.121 ext_stun_port=3478 ## Internal Network listening_ip=bridge0 ipv6_disable=yes allow 1024-65535 192.168.1.0/24 1024-65535 deny 0-65535 0.0.0.0/0 0-65535 bitrate_down=512000 bitrate_up=1024000 ## UPnP Settings anchor=miniupnpd enable_natpmp=yes enable_upnp=yes secure_mode=yes min_lifetime=120 max_lifetime=86400 system_uptime=yes notify_interval=60 clean_ruleset_interval=600 packet_log=yes uuid=fb241e30-9c00-11ee-xxxxxxxxxxx serial=CA0A9DD5

db87680c-23fb-4b12-b5c4-4d1bdbc68a67-image.png

@panzerscope I had to go back to a previous configuration. I know I could have edited the config file, but I had a recent config and that fixed t he problem. I did have success in the past with a reinstall, but it doesn't always work.

ovpnc3 is a client interface. It would be named ovpns3 if it were a server.

However the issue here is probably because one side is set as net30 topology and the other side is set as subnet. Both should be subnet in recent versions of OpenVPN really. Net30 is the older default.

@stephenw10 said in Pfsense + Upgrade Offered on CE Dashboard:

If it's really a problem I can manually remove your NDI. But that doesn't scale! 😉

No that's fine thanks. As long as it's expected behaviour then it's good 😀

@Dobby_ Hi again😊
Everything was like you show - but with the risk of sounding like a broken recored if squid is being fased out what is the point?

bookie56

@dhenzler said in pfSense HAproxy system adjustments need a shell command:

tune.ssl.default-dh-param

Does that exist without a value? Or with a value too low?

What do you have set for it here?
Screenshot from 2024-04-10 04-00-44.png

Steve

@stephenw10
I will attempt to find.