This sort of system is outside my experience to honest. There were some issues a while ago. For example I believe this no longer applies but because none of the boxes I use igb NICs I can't be sure  :-\ : https://forum.pfsense.org/index.php?topic=69486.0 If it happens again you might consider going to 2.2 which has newer drivers as well as many other improvements. Steve

It may work just as well normally but will it come back up after an outage? With the threasholds set to their standard values if you have a laggy or lossy connection, such as a wifi or 3g/4g link, then you would exepct to see lots of alarms and down times but you still expect it to come back up by itself which this isn't.  :- I'll not pretend to know too much about apinger though it seems to behave in it's own special way.  ;) I once read through all the config scripts and still came away with conflicting ideas. Steve

Thanks for the reply–I'll look into smokeping. Not familiar with that at all. As far as the email notifications, I was looking for convenience sake. This is a site that I'm off location for, and I would prefer to just have it email me if pings go down and sort of a daily report for the logs, rather than having to check it myself.

Currently the only way to get a copy of the updated book is via the Gold subscription.

And what IP is on your lan of pfsense? that 192.168.1.155 is that pfsense wan or lan address? You would need to put a vip on the wan interface connected to the device so that they are on the same network, and make sure there is an outbound nat.

Possibly if there's still some conflict. I don't see anything immediately so I'd guess at some openvpn problem. Steve

You can almost certainly do this in php, though I never have. If you look into how this is done in pfSense is uses a function something like: get_real_interface(LAN)# It's a function in /etc/inc/interfaces.inc Steve

Yep, a plain vanilla typo - pull request https://github.com/pfsense/pfsense/pull/1369

I've tried that to no avail.

@StefPar: Thanks Steve, because my network is an offline network i can't use auto backup package so if you can i need an example about backup from console.. thanks Try this: #/bin/cp /cf/conf/config.xml /mnt/backup/pfconfig/config-`hostname`-$myDate.xml This should make a copy of your configuration to /mnt/backup/pfconfig just adjust this to the location where you want to have it. In my case, this is an SDCARD.

It was an outbound NAT problem.  A while back while testing some diferent OpenVPN configs I had changed Outbound NAT over to manual.  I changed it back to Auto and everything's working perfectly now. I appreciate the suggestion!

That will only work to let you into a small number of pfSense devices until it trips the bug again. Also it would forget any other HTTPS certificates that were manually marked as trusted. That db can be managed from inside the settings on Firefox, though it's still a poor workaround for most of us. If you're on 2.1.5, apply this patch: http://files.pfsense.org/jimp/patches/cert-unique.patch Afterward, from the shell, run: pfSsh.php playback generateguicert Then the GUI will use a certificate that Firefox won't choke on. If you're on 2.2 already, run the command above from the shell. It's already present. Certs on fresh 2.2 installs are fine.

You don't  But that is not a normal configuration.. I would do it this way, since if your sending 22 to .3, that is not really www.foo.org now is it ;)  So ssh.foo.org would be better or ssh.www.foo.org if you wanted.  I have to assume your sending both http and https to .15 so www.foo.org points to .15 works for both of those.  And 10k.foo.org for port 10000 pointing to .19 you have 4 different IPs there they are not all www.foo.org  Other way you could do it other than NAT reflection is actual forward on your lan side that says if going to IP 10.0.1.15 (www.foo.org) on port 22, really send it to .3, same for your 10k port

thank you guys..and it works perfectly great

Thanks for the insight, I will remove the virtual CD drive and see what happens I was just caught off guard because these pfSense instances have been running fine for over a year now only to suddently start being unreliable like this.

It's apinger.  I think I restart it by turning gateway monitoring off then back on for the interface.

The external IP addresses using the most bandwidth are Akamai & Level3 caching servers.  Are you running Squid cache?  Is it possible that a Windows Update or some other large blob is being downloaded to your Squid cache?  That would explain high bandwidth into WAN that isn't being passed out to LAN.

You are right! I just tested using speedtest.net, and now I see the 800Mbps peaks without issue.