@viragomann Thank you so much again. Everything is working, after disabling the hardware checksum offload. :)

It depends on how you configure the hypervisor interface. Unless you put VLAN 4095 on it the guest will see an interface with untagged traffic on the configured vswitch VLAN.

@KOM but this reinstalls all installed packages, doesn't it? I only need the missing ones.

With HPA you can hide memory from your operating system to over-provision the memory and increase its lifetime. It looks to me that your SSD indeed got bricked. Even if you can get it to work again (e.g. reflash its firmware if that is even possible with that specific drive) I would not use it again for anything critical like a router. I do not believe this happened due to a bug in pfsense. Updates are just very "hard" on disks compared to normal routing operation, so it could really just be a coincidence it broke during the update.

Ok, but what are you actually doing to get into 'safe mode' currently?

Have you unlocked the modem or replaced it's firmware? The second Ethernet port is not normally active on Openreach modems. Is it still running in modem mode? The only way you could connect two pfSense devices to the modem is if it's running as a router. In the default modem mode you use a PPPoE session from pfSense and you can't create two PPPoE sessions. You should use just one pfSense box behind the modem connected via PPPoE and have two subnets on separate interfaces behind that. You can that have them fully isolated or allow connectivity between them as required. Steve

This guide will get you going on how to create the VLANs you want. https://docs.netgate.com/pfsense/en/latest/book/vlan/pfsense-vlan-configuration.html You can then create firewall rules on each interface to restrict access outbound. By default, only the LAN interface gets a Default Allow rule that passes all traffic from LAN to anywhere. All other interfaces, ie your VLANs, will require at least one rule added in order for them to talk. I would stick with pfB instead of pihole as you then only have one device to worry about, and if pfSense goes down then you have bigger fish to fry then adblocking, ha! Bandwidth monitoring can be done with ntop or lightsquid, depending on if you want all traffic or just http/s. https://www.youtube.com/watch?v=_jBufEhP_IU You can do scheduling with pfSense but the interface is a little clunky, and you're limited to 15 minute intervals IIRC. You create a schedule and then create a firewall rule and link to it.

Devices can be found by broadcast on the local subnet, but that won't cross a router. I suspect that you will have to manually add the printer because it can't be found via auto-discovery.

No idea at this point. I would check for firmware/BIOS updates for your board if you haven't already done so. Also, you might want to check out pfSense 2.5-devel which is based on FreeBSD 12 I believe. Not for production use, but seems to work pretty well. https://www.pfsense.org/snapshots/

@davidthomas said in 2.2.6 to 2.4.4: Sorry it was implicit for me. The other way for me : never worked with "LDAP" .... But : important your settings, thena debug / test drive with the help of te https://docs.netgate.com/pfsense/en/latest/usermanager/ldap-troubleshooting.html and there is also a video about Netgate => pfSense on Youtube.

@johnpoz HOLY CRAP!!!!!! No idea why I didn't see it. I just don't think I ever scrolled down for some reason. Visited the page multiple times... Anyway thanks for the help!

@jimp hello sir, i have 4 ports NIC card and 2 ports NIC card attached to my box, and i have also 8GB RAM installed on it, installed ome packages on it like pfblocker, squid and so on., and when i look at yesterday morning, i saw Watchdog error in box, then i rebooted it twice, so far i didnt see those error as of now. Thanks jimp

Hard to say. I would simulate it virtually and see. What happens if you install 2.4.4-p3 in a VM and then restore your old 2.2.4 config?

So you have this [image: 1565369485140-setup.png] Not sure which network you have were exactly.. But if you don't want 192.168.2/24 (bottom network) from talking to 192.168.1 you would block it on the lan interface of pfs2 You would have allow rule to talk to pfs2 lan addres for dns, ping for example on the pfs2 lan rules Then you would have a block rule to 192.168.1/24 Then you would have a any rule to allow clients to talk to the internet.. Blocking 192.168.2 on pfs1 lan would be completely pointless and never happen, since pfs2 is directly connected to it. edit: Ah @KOM beat me too it, but he didn't draw a pretty picture like I did ;) heheheh

So I just found out that the problem isn't from PfSense. Everything is working ok. I get IPs and internet connection if i plug an ethernet cable in the computer. The problem is probably at my wireless access point. Thank you for your help.

Okay Thanks ....I will update when I will do it ....

@stephenw10 said in How to get Huawei E3372 working with pfSense?: Nice work.  :) FreeBSD does have an rndis driver now. It's not included in pfSense by default (yet) but you can load the module to test it if required. Steve Hi , I got my e3372 and switch it in stick mode.my problem is I've got a pfsense 2.3.5 on my alix 2d13 board..It doesnt show the NCM interface..How can I load rndis driver on 2.3.5??

Tons of php errors are normal for that upgrade and the release notes warn you to expect those. https://docs.netgate.com/pfsense/en/latest/install/upgrade-guide.html If you're convinced that it's somehow badly broken, then install fresh and restore your config.xml. No idea about your custom auth script.

Ok, you are passing only TCP/UDP so you will not be able to ping anything from the LIBRAY_NET subnet. Other traffic should pass though as long as it's not in those deny aliases. What's actually failing and how is it failing? Steve

https://docs.netgate.com/pfsense/en/latest/backup/automatically-restore-during-install.html