Bridging and VLANs can be.... interesting! But what you're doing isn't that complex you should be able to create a bridge with the two VLAN 36 interfaces in it. Steve

@stephenw10 22.01 on pfsense and 0.15.7_33 for freeadius

Yes the order they are parsed/returned in determines the order they are displayed but nothing else as far as I know.

@gertjan Makes sense. Thanks for the info/explanation. Good to know this is available should it be necessary.

Ok, it's incomplete so the firewall cannot connect to the gateway at all. It is not responding to ARP requests. A layer 2 failure like that usually means something basic like a cable in the wrong port or an incorrect VLAN config in the switch maybe. Steve

@stephenw10 I did install GrayLog in a Jail on my TrueNas system. Lets see how that ^works^

I did lot of testing. Really pulled out my hairs out. TL;DR: After I let my WAN interface DHCP lease to expire I changed interface MAC address to make sure that I got another IP. With new IP everything is working as should. Really nice :)

I just added this line $tmp = str_replace("utf-16", "utf-8", $data); under line $tmp = str_replace("^M", "", $data);. It's rather crude, but it works :)) edit: This could work too: $tmp = str_replace("utf-16\"?>", "utf-16\"?>\n", $data);

It's possible that happened during the upgrade before the package was updated. The crash shows the dumptime as: Sun Jul 3 152927 2022. However is also shows 5 crashes and all the logged panics look to be the same. That seems unlikely to be from the upgrade. If the crash report returns that will confirm it's current, yes. Steve

It's easy to lock yourself out during the creation of the bridge because you would usually reassign LAN and bridge. So if you are connected via the LAN you must take care. As long as you have access via some other means, such as the console, you can just roll-back. Steve

Yes you need to set the action on the cert for whatever is using it so it starts using the new cert. Steve

Yup, that should work. Be interesting if it does though, with the same module. Hard to see what's different there.

Mmm, there are some USB adapters that will do 2.5G under FreeBSD but.... don't expect that!

So you have couple options: • Setup any VPN on pfsense or your NAS and use it to file sharing (NextCloud) service. • Setup NextCloud through Nginx on NAS and setup correct access policies in nginx to access only to share links, and with other access to admin/sharing only from local network or VPN IPs. • Setup NextCloud on NAS and haproxy on pfsense. And do same as above but on haproxy side. Last two options are pretty complicated, and required good knowlege in nginx or haproxy configs. There are no way to limit file sharing service only on firewall/nat. If you open access to share links you automatically open access to admin panel. You must understand that almost all hacked and cryptolocked NASes on web was hacked through file sharing services that expose whole file sharing service to web. And you need limit unrestricted access only to file shares. Any links that not fall into allowed category should be dropped without any access to NextCloud server.

@lange-ludo Thanks, I had the same issue upgrading to 2.6.0 and this fixed it for me.

On last reply and this can be put to rest. using there device and setting to bridge mode only granted me a day with no notifications and no loss of internet. My guess is that recently they must have implemented something that checks for the nokia router. I only say this because while it's setup as a router and i put my pfsense box in the DMZ of the nokia router no issues whatsoever. Thanks @stephenw10 for replying

The only downside I have experienced with this is when you have a DNS you use tied to monitoring a WAN that is offline -- you lose use of that server.

@gertjan Thanks for your preferential answer on trying to gear me in another direction. I simply wanted to know how to do this in a technical manor. I'll research else where.

Update! I heard back from Starlink. They were nice enough to let me know I should only have one router in my network and sent instructions on how to change DNS addresses. I reopened the ticket, explained again, and asked for it to be escalated to a higher tier support so it can be sent to hardware engineering. We will see. Adam

Ah, then you will hit this: https://redmine.pfsense.org/issues/12954 It's fixed in 2.7 and 22.05. You could upgrade to either of those as a test. With a link exhibiting buffer-bloat that badly you probably need shaping of some sort. You could try using an ALTQ shaper instead. Steve