• Unable to start Unbound after switch away from KEA

    17
    0 Votes
    17 Posts
    1k Views
    @stephenw10 Yep starts up fine, no issues. Unless I can reproduce it or others have a similar issue might have to throw this in the mystery box.
  • 0 Votes
    16 Posts
    2k Views
    @getcom Thank you! That worked!
  • pf sense going down

    11
    0 Votes
    11 Posts
    878 Views
    stephenw10
    Unclear. By 'router' here you mean the gl.inet GL-MT6000? And that is connected to the pfSense LAN? I can only imagine that device drops the link to the LAN when it reboots and the other device does not. However that should not affect the WAN. The other possibility is that during boot it comes up with a subnet that conflicts with the WAN causing the default to flip. But however it's doing it you should definitely set WAN_DHCP as default to prevent it trying to use the VPN as default.
  • device has not been registered for pfSense+

    10
    0 Votes
    10 Posts
    950 Views
    chpalmer
    @stephenw10 said in device has not been registered for pfSense+: Yes adding or removing any NIC, including USB, will change the NDI. If you run pfSense-repoc -DN at the CLI it will print the NDI actually being sent to the repo servers to check against. Well dag nabit! Thanks Steve! I just promised Craig I will never do such a bad thing again.. I should have been using my test box to test and not my primary.
  • How to debug iPhone WiFi calling degrading after ~10 minutes?

    42
    0 Votes
    42 Posts
    5k Views
    Found a setting on newer iOS that may help here as well … wife was reporting in parts of the house her phone would swap from WiFi back to 5g during a call. Can try disabling Settings -> Cellular -> Wi-Fi Assist (“automatically use cellular data when Wi-Fi connectivity is poor”)… maybe a dead spot or between APs fools the iPhone to opt for the crappy cellular signal?
  • Nextcloud AutoConfigBackup Service?

    2
    0 Votes
    2 Posts
    175 Views
    stephenw10
    I've not seen anyone use Nextcloud specifically but it's just a matter of code. See: https://docs.netgate.com/pfsense/en/latest/backup/remote-backup.html
  • 0 Votes
    5 Posts
    417 Views
    the other
    hey all, I could narrow it down... found my zyxel switch was causing the problem...it is (I guess) another bad IPv6 implementation. So I offed my v6 Interface on my xs1930. Still reachable with v4 and no more spamming my logs. Thank you for your hint @stephenw10 :)
  • FreeRadius BlastRADIUS Warning in System Logs - How To Mitigate?

    5
    0 Votes
    5 Posts
    3k Views
    stephenw10
    I don't believe so since the radius traffic never leaves the firewall.
  • Unifi remote access for web apps n protect

    4
    0 Votes
    4 Posts
    409 Views
    johnpoz
    @jeep417 my guess would be you had UPnP before opening the ports needed for stuff like the.. I don't think I would ever make my network app open to the public. Not sure about protect or site manager - but the normal network app can be cloud enabled. I always turn that off, but believe it phones home to get any info you change, etc. If I need to access my unifi controller while out and about I just vpn into the network. Cameras normally work without opening ports because they phone home to the mothership and open the connection outbound that your app is able to use. I access my cameras when out and about this way.. You could enable UPnP on pfsense - but I would suggest against that. If you can not enable cloud/remote in the different unifi apps, I would vpn in to manage those.. I don't use protect or site manager but the unifi controller believe if you enable it is in the unifi portal. Out of the box pfsense doesn't block anything outbound.
  • Netgear 4100- Add lan port to route to WAN

    3
    0 Votes
    3 Posts
    256 Views
    Everyone, Netgate helped me solve it. As usual, operator error. It had wireguard on it, and I didn't know it. It was an ip conflict. Yes, the firewall was open to make it easier to troubleshoot. I can close it down now. Thanks! Gary
  • Is CE really slower with (security) updates compared to plus ?

    34
    0 Votes
    34 Posts
    4k Views
    @joshgreyz Again we're off topic. Security updates. Period. The other releases are mostly unrelated to what CE wants and needs. Only thing I can really think of is moving to new dhcp service...and that isn't exactly a severe security related thing just moving a very slight piece of the stack. A large quantity of built in bsd vulns (of which there are few) don't exist here because they're compiled out - remember this is primarily a firewall/router that is designed to live in a hostile environment. We're like 33 posts in and whining about release quantity. Specific patches are available when necessary, and they're available very quickly. Period. @Patch yeah...development work is happening in areas that corp customers have been stating that are stoppers for a decade. Again...CE is not behind on security. You're measuring commits that include UI typos and saying that something that is completely unrelated to that is dead. Moderators can we please lock this thread as it is literally just wandering in the desert complaining.
  • Pfsense mini pc and QAT

    14
    0 Votes
    14 Posts
    1k Views
    stephenw10
    Mmm, so probably no hardware to attach to.
  • High CPU usage after update.

    2
    0 Votes
    2 Posts
    438 Views
    stephenw10
    Try reverting the widget reload behaviour as shown here: https://forum.netgate.com/post/1191398
  • getting DNS leaks

    14
    0 Votes
    14 Posts
    1k Views
    @bluecovenant said in getting DNS leaks: hmmm i just rebooted with the "dns server override" unchecked, and got a leak again. any other suggestions? could this be a problem with how the vpn interface is set up? @bluecovenant said in getting DNS leaks: "dns server override" I had the same issue as you, and I resolved it by using DoT. See my thread here. The other not so elegant solution is to configure your DHCP server so it hands out proton DNS IPs to your clients directly.
  • Renew certificate OpenVPN Server

    10
    0 Votes
    10 Posts
    3k Views
    @viragomann thank you for the confirming feedback! EDIT: ps: it worked out great, thanks again
  • Is it possible to access the pfsense console remotely?

    9
    0 Votes
    9 Posts
    599 Views
    @patient0 said in Is it possible to access the pfsense console remotely?: @jriofrio there are KVM-Over-IP available but they are mostly not cheap. Like TinyPilot Voyager for $350 is an example. Or a new one on Kickstarter is JetKVM for $69 according to their website (Lawrence System did a review on it). But be careful with Kickstarter projects, they may not come alive. Or build a PiKVM... https://docs.pikvm.org/v2/ All you need is a Pi4 (preferably) and a HDMI to CSI module.
  • Is there a tutorial for switching to KEA?

    11
    0 Votes
    11 Posts
    638 Views
    @jimp Yes, very simple. I'm on “KEA” now and everything's OK
  • Recover backup from ACB without original DEVICE key

    Moved
    2
    0 Votes
    2 Posts
    299 Views
    stephenw10
    Send me the tip in chat and I'll check. Steve
  • Potential DNS Rebind attack detected on my local network

    62
    0 Votes
    62 Posts
    6k Views
    johnpoz
    @comet424 resolving local resources that are listed in unbound be it via dhcp registration or static dhcp registration or host overrides has zero to do with any public dns service you would forward to.. They are not going to resolve your local resources, nor should they even if you put records up there because any ns you forward or that is not actually unbound itself that returns a rfc1918 address would be a rebind and is dangerous behavior.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.