@Paul47: pfsense 2.1.4 embedded, Intel D510MO Does this sound like a hardware problem? I'm thinking of getting another board to find out. I might put a fan on this too although last night (when it failed again) it was not that warm and the machine has kept running when it was a lot warmer than that. Is it the same current process each time? Or just random? Without more detail I would recommend trying a full format/reinstall to eliminate corruption as a cause and then if it persists look at hardware causes like temp/RAM/etc…

Far and away the best advice I can offer is "ask the hosting company". They should provide to you at a bare minimum: NETMASK=255.255.255.248 BROADCAST=192.168.47.15 NETWORK=192.168.47.8 GATEWAY=192.168.47.x USUABLE_RANGE=192.168.47.x-x NAMESERVER1= NAMESERVER2= The second best advice I have is make sure that you have your IP addresses whitelisted to access the box remotely and if at all possible test the setup in your lab using the actual IP addresses, not simulated IPs. Lastly, is that block for use behind the firewall (LAN) or do you intend to port forward all the the external IPs?

@ladlaurel: is it possible that my pfSense configuration were messed up because of the sudden shutdown of the servers. or my server(web/mail) settings were also messed up because of that incident. It's certainly possible, but unlikely unless the configurations were being actively written at the exact time power was lost. You need to perform some basic tests to determine where the failure is occurring. The website is easiest generally… is the wan IP static? Can you connect to http://ipaddress:80 instead of http://domainname:80 ?

Where did you find freeswitch.tgz for pfsense?  is not downloable in the fusionpbx webpage. Regards Danisam

Just an update after some investigations today. On TalkTalk but might apply to other UK ADSL ISP's, the username and password issued is irrelevant! I noticed in the huwei supplied firewall logs today the default username after a reset is 01warehouse@talktalk.net which was giving me net access when the router was working like one would normally expect, i not having changed the nas_0_38 from ppoa to bridge with tr069 switched off. I then noticed I had keyed in the username wrong on pfsense, due to the linux device used to access pfsense having the wrong keyboard mapping so the " had swapped places with the @ so my login name was [phonenumber]"talktalk.net not [phonenumber]@talktalk.net. So having corrected it and still no joy, back to the drawing board, messed around the username & password on the huewei router and noticed I could use anything for a username like DoTalkTalkCheckThis@all with a random password and still got net access from the huewei router. So I then went back to pfsense and reset the wan adaptor and set it to PPPoE with the correct username and password, set the MTU to 1400 to be on the safe side, removed some gateways so it only showed the WAN_PPOE and it all worked. Now I also know I spoofed the WAN mac id the other day in a bid to see if I could attract some visitors who might be aware of the mac id I was using, I set it first to the talktalk youview box and with hindsight thats when the drop outs first started some hours later. I had also set it to the huewei mac id today and it didnt like that either. Some further tests tonight and I can confirm it appears talktalk dont bother with usernames and passwords just the mac id, so like the mobile phone IMEI database which exists, the UK adsl net access is monitored/access given by the mac id it would see because everytime I used the router mac id in pfsense, no access, in fact everytime I spoofed the mac id in pfsense, no net access was given. Its worth pointing out in part of the mac id is given out in the ARP packets so its probably possible to detect spoofed mac id's, which perhaps goes to show, coupled with things like google instant search which is obfusicated java script that can be used to detect typing speed and thus the unique typing patterns of an individual when combined with mac ids and other meta data as the spooks would call it, shows how deep and pervasive the big brother system really is! Food for thought none the less when considering Edward Snowdens revelations, and the under hand tactics the politicians used to bring in various bits of legislation to "facilitate" this surveillance, whilst giving the biggest tech companies millions/billions to help them facilitate the big brother society. Might be worth seeing if the nics hardware can be reprogrammed to get new mac ids to beat this system as we are all slowly financially cleansed from existence!

did you found a solution?

No problem, your thanks is enough.  :) I think Jason's catch was probably the showstopper anyway. Enjoy playing with pfSense! Steve

Thank you  so much.

You could for instance get a VPN tunnel provider which is located in another country, and then use policy-based routing on pfSense to send traffic towards the website through the VPN tunnel. Not sure if pfSense is able to use external http proxy services based on rules.

Ok, so what's behind pfSense that can't see the IPTV box? Steve

So just to be sure you're not running pfSense yet at all? Instead you're running Windows on the box just to test the hardware? To make windows run as a router you need to use 'internet connection sharing'. Just enable it on the connection to the internal wifi device. They may have renamed it in the 10+ years since I last used it for anything!  ::) Steve

If you're using that wifi router just as an access point you probably don't want to use its WAN port. Instead connect directly to one of it's LAN ports and make sure you've disabled its DHCP service. That will make it act as an access point only. The exception to this is some routers have an 'access point' mode where the WAN port is added to the LAN port bridge or if you're running a third party firmware and can add the port manually. Steve

Both of the above suggested methods do not produce the result of issuing the command manually through CLI, the debug.txt contains no specifics to point to errors or privileges in execution of the script. the environment of cron is /var/log while environment of CLI is /root  How to execute cron scripts with /root environment

The two CA don't need to have the same keys on windows but must have the same name/freindly names I know this because I use a MITM to peek at SSL data and then isue fake certificates on the fly and did not always import the root CA and it all still worked if that helps

Friends, I have pfsense running perfectly with firewall and also authenticated proxy. But I have a serious problem when access the Proxy Server Logs in Real Time. So I Denied appears on users to pass through authentication. Anyone know why? Example: I when the user authenticate with your password and try to access blocked sites, deniede appeared in the logs. It does not. The error page also takes a long time to appear, even redirecting it to another page. Can someone help me?

ok will need to try it

Have seen the same problem occur with our setup: https://forum.pfsense.org/index.php?topic=73460.msg401168