Okay, I found what was screwing me up… Whilst thinking about something completely different, I realised I had Squid Proxy Server running in pfSense. Turning off Squid fixed the issue, I'll have to try and reconfigure that for VLANs later when I have more time.

OK, I believe I am at the last state of building the iso. Please help what's wrong, I am getting this error.. _====>> Compressing kernel Cloning everything to /usr/MYPRODUCT/tmp/stage-dir staging area…mv: rename /usr/MYPRODUCT/tmp/stage-dir/usr/local/sbin/pfSense-upgrade to /usr/MYPRODUCT/tmp/stage-dir/usr/local/sbin/MYPRODUCT-upgrade: No such file or directory mtree: /usr/MYPRODUCT/tmp/stage-dir/var: No such file or directory ====>> Copying metadata for package rc ====>> Creating core package rc pkg: Unable to access file /usr/MYPRODUCT/tmp/stage-dir/etc/rc:No such file or directory ====>> ERROR: Execution of 'pkg create -o /usr/MYPRODUCT/tmp/MYPRODUCT_master_amd64-core/.real_20170704-0418/All -p /tmp/rc.fBwqdvV/rc_plist -r /usr/MYPRODUCT/tmp/stage-dir -m /tmp/rc.fBwqdvV/rc_metadir' failed (rc = 70) ====>> Removing immutable flags from /tmp/rc.fBwqdvV ====>> Removing recursively /tmp/rc.fBwqdvV #################################### Something went wrong, check errors! ####################################_

Ah there we go, it was just the firewall rules. Didn't seem to need any special outbound rules in pfsense or anything special with openwrt. I just used these rules below and all is well.First one is a bit redundant, but I'll leave it since it doesn't hurt. Thanks for the help! EDIT: I just realized, since they can both access each other, I wonder if they will compete for DHCP… more testing to do. EDIT2: I have multiple access points across the house(wired), and they are all connected to pfsense, so my laptop will get a 192.168.1.x ip. I move towards the area with the wrt1200ac(which has the same name/login as the other ap/s) and the laptop's ip changes to a 192.168.2.x ip and everything works seamlessly. I go back to the other side and the ip changes back to  192.168.1.x with pretty much no interruptions. I'm surprised it works so well. So far I have not see any other type of DHCP competition for the wired computers or anything like that. [image: capture3.PNG_thumb] [image: capture3.PNG]

Hi Jonny, did you find any solution. I ran into the same problem. I don't find a cause but sometimes my cable provider fritzbox6490 "crashes" when i am using my PCs. For no reason my wan connection stops working. The first indicator is higher pings and/or direct timeouts on 8.8.8.8, at  this point without doing something the fritz crashes within a few minutes. 6490 with Fritz 6.5 (bridge mode) APU2C4 pfsense 2.3.4 (static wan ip) mostly this issue happened when i was logging into an fresh bootet System (MacOS/Debian/Ubuntu/WIN7/WIN10). First i thought dropbox sync was causing this, but it happened also on systems without dropbox. When using my Cisco ASA5506 there is no problem. i tried several reinstallaions and different system configurations. kind regards ralto

@Nullity: Hmm… Dunno. I've had an Asus RT-N66U running as an AP with pfSense as the router for years. No problems with Android, or any device. I would be less likely to blame pfSense since there isn't much routing being done in your problematic situation. Most traffic is layer 2, so I'd suspect your WiFi devices first. Do you have access to any low-level 802.11 logs? Are you sure the clients are initiating the disconnect? That is what the support people on the Portal side said. I definitely want to agree with you, it doesn't make a ton of sense that the connection would work and then disconnect on the WiFi side. I asked the Portal folks to send me the logs that indicated the client was performing the disconnect. I figured I'd get the ball rolling here in the hopes someone else had seen the issue. I am also going to do some more thorough testing this week with the WiFi to see if i have problems, I just had to setup the Portal network again so my wife could work today (the second router acts as both a mesh node and as a bridge for her desktop at home). I will probably do something like use another port on my pfSense box for a second WiFi network and connect just my phone to it.

@Maerad: Honestly - the whole approach to the problem is wrong IMHO… ...Secure you Windows, work with care, get a more expensive router... ...if you are not a enthusiast user that has no problem spending hours to find problems and just want the network to function, do yourself a favor and go the easy way. @pfBasic: In general, pfSense won't prevent you from getting viruses. That being said it will absolutely help if implemented correctly. Best all around anti-virus is still going to be your decisions on the web and on your device. @Maerad: Separate networks might help a bit, but in reality, it's way too much work and investment in a private home Eh, seriously? Separate networks take a few minutes to setup and the cost of getting a web managed switch that supports 802.11q over a "dumb" switch is pretty negligible for a home use switch. The firewall rules are not complex at all. Just write a rule on the interface you want access from to allow access to the network that contains the device you want to access… Buy a more expensive router that has a Guest network? One of the big draws of pfSense is the ability to run it on the old computer you have sitting in the closet from 8 years ago, or a $50 eBay/craigslist special. Out of the box, pfSense works. Any complexity is user implemented. The $50 T420 from 2011 I have sitting on my desk with a single NIC paired with a $30 switch will easily outclass a high end SOHO router...

OK, pulling my hair out with this - and I don't have enough to spare …  ;) If I try to start my services (which use daemon, so fork to the background) ... they block other services from starting (actually, one does, the other doesn't - but they both just call Python ... very odd). So I tried a shellcmd in the bg (trailing &) -> then pfSense doesn't even boot fully! I have to go to the console, press Enter to get it to continue (and then again to skip changing the configuration). Next I tried a super-complex script (ls -alF) ... ;D. Ran that in the background (test.sh &) -> again, pfSense won't boot, it gets stuck, have to press Enter on the console. But after that, all the services have started at least). But boot shouldn't stop, agreed? So very confused about this, and why it's not working. Has anyone else been able to get it to work? Thanks!!!

Thanks for the reply, its very odd that it recognizes as USB controller the mac that is registered on pfSense of that NIC is d8:cb:8a:59:29:8e it was a tplink box and within was the PCI express, i guess the question is should i leave it as it as the NIC only purpose is to separate the WAN IP from the EMAIL Server IP meaning that users navigate on another NIC while the email server static IP is on the NIC d8:cb:8a:59:29:8e.  So far i have not had any users complain. Or would there be possibility to modify the config?

I am ready to mount the disk with freeBSD live cd (through usb), but when i want to create a dir with mkdir /disk I got error Read-only file system nvm, now I am using recover option from pfsense usb install, but I don't know how to mount the disk: # gpart show ada0 63 123666369 ada0 MBR (59G) 63 123665409   1 freebsd [active] (59G) 123665472       960 - free - (480K) # gpart show ada0s1         0 123665709 ada0s1 BSD (59G) 0       16 - free - (8.0K) 16 106888177     1 freebsd-ufs (51G) 106888193 16777216     2 freebsd-swap (8.0G) **EDIT I solved through myself, follow this procedure: # mkdir /home/disk # mount /dev/ada0s1a /home/disk we have now disk mounted then: # mkdir /home/usb # mount_msdosfs /dev/da1 /home/usb we have mounted a usb stick (the device name da1 could change) then browse to: cd /home/disk/cf/conf/ and you will find config.xml and the folder backup with old config auto-saved. Just do: cp config.xml /home/usb to copy your config to your usb stick

sigh.

I have a feeling I many not be able to use the VAs since I want to separate the guest from the domain.  I just found this post. https://forum.pfsense.org/index.php?topic=112288.0 It is a good write up.  Thanks for the reply.

Plugging directly to the modem, I got 450 down and 400 up We also have HP Procurve 2810-48g switches, so I put one of these between a laptop and the integra modem and still got 100 down, 165 up, to test if it was the switch According to your statement, the problem seems to be related to the switch.

https://forum.pfsense.org/index.php?topic=132735.msg729802#msg729802

I think that happens because, instead of wrapping the security into the package or similar they're used to using, they're given a new thing that's more complicated to use and they just give up. Server side can be complicated, but client side can't be more complicated than what came before if you want users to adapt it without any whining. They care about security when you talk about it, but a lot of them don't care if that means they have to jump through extra hoops to get there. That's why apple has done so well and why windows 8 failed.

Thanks for the hint. I have ntopng installed, but it doesn't appear to store traffic data, but only shows live data. I.e. I would have to get up at 4 a.m….?