@johnpoz And now that it's pointed out it's so obvious why it's not working. Apologies, looks like I'll have to go back through the config history to see when the NATs were updated to have a source port.

Thank you kindly

@T2M5 said in IPsec over VIP CARP IP:

Thanks a lot for the help, have a great day bro.

glad that it worked, good day for you too bro

@johnpoz I chose to use an NTP master on Linux CentOS and point pfsense to it to then distribute to network clients. It was actually much easier and quicker to configure, I tried a few times to synchronize with ad but there was always a problem somewhere, pfsense wouldn't synchronize or distribute, or vice versa.

Not that it doesn't work, but I couldn't get it to work lol. But I will try to distribute the time through chroync in Linux to the pfSense and define it as Server and to point every client to the pfSense.

Thank you very much for your help, you saved me a lot of headaches bro.

Setting up Sonos with VLAN for enhanced security and Spotify Connect integration offers a seamless audio experience. However, ensure you're using official methods to access Spotify, steering clear of unauthorized avenues like the Spotify Premium APK. Enjoy your music setup with peace of mind and convenience.

@lindhe this has come up a few times already ;) I was just going to post to one of the other threads, but it was quicker to just point to the info in the docs ;)

@mcury interesting I will have to look more. I do have usb backup but have had it for a while and this snort issue just recently started popping up. My backup still does work as far as I can tell.

@ddbnj It's probably in the docs somewhere. That one shows when adding a rule. There's an alias for each pfSense network/subnet plus This Firewall.

@Mr_JinX I agree with the possible security problems but i haven't found much negative information on it. Also they won me over because the dev worked on a few of my issues that were not working. So NXFilter has a built in net-flow collector. It wasn't working as i thought and they worked with me on fixing it.
Its in the back of my mind of course that this app hasn't been vetted by anyone(as far as i know) but...so far....works as advertised.
It has an updated categorization system, builtin netflow collector, and reporting (which isn't great). Fills the home requirement.

The issue i have with the suggestion of external DNS services is that you cant track who is visiting what site as all source IP information will come from your WAN.

@viragomann thank you for your responses. I'm not sure I understand your questions fully. Can you break it down a little further? I'm new to all this

@unique_username Presumably you enabled those rules for a reason…?

I would just say, try moving Suricata to LAN which will also avoid scanning all the packets that would normally be dropped by the firewall.

Also if it’s just one IP being blocked you can suppress that alert for that IP.