Appears to be UPnP AV. So all multicast discovery shenanigans.

You can import the old configuration. When you restore it will prompt you to remap the interfaces, but that should be all it needs. You might want to remove any <package> ... </package> sections, restore that modified config, and reinstall packages after you restore. That would make it smoother.

So /32 is not correct.. Should be using the mask of your netblock [image: 1556532580703-vipmask.png] Then also run through the troubleshooting guide. https://docs.netgate.com/pfsense/en/latest/nat/port-forward-troubleshooting.html First thing I would do is actually validate traffic is hitting your wan with dest to that IP, with a packet capture. edit: Oh you got it working - you deleted your last post saying you were still having issues. Glad to hear.

Yeah so this got solved with a power cycle of the modem. That I SWEAR i'd done 1000 times in myriad different orders of operation. I did refresh and renew the dhcp under Interfaces->WAN before the the refresh/renew had seemingly done nothing (still had 0.0.0.0). So I'm up for now at least...

@JeGr said in New installation strange behavior - I can access web interface. however, I can't ping to the device: no ping" to "ping" that's your case: Thanks and it does explain everything .... You are a star.

Hi, The numbers I got were posted earlier. The changes I made to the loader/sysctl for the most part do not seem to have changed much. The speed increase happened once I turned off the option to insert a stronger ID. For reference here are the system tunables page (sysctl) and boot/loader.conf.local file. Most of which is now commented out and/or for the built in interface card and not the chelsio. :p #Improve Cache size hw.ix.rxd="4096" hw.ix.txd="4096" #Change processing limit -1 is unlimited hw.ix.tx_process_limit="-1" hw.ix.rx_process_limit="-1" #Set the queues to cores #hw.ix.num_queues="16" #force flow control settings 0 to disable. hw.ix.flow_control="0" dev.ix.0.fc=0 dev.ix.1.fc=0 dev.ix.2.fc=0 dev.ix.3.fc=0 #disable cache connection detail #net.inet.tcp.hostcache.cachelimit="0" #ensure HT is disabled machdep.hyperthreading_allowed="0" #enable optimized version of soreceive #net.inet.tcp.soreceive_stream="1" #unlimited isr threads to maximize all core use #net.isr.maxthreads="-1" #net.isr.bindthreads="1" #use msix instead #hw.ix.enable_msix="1" #use aim to improve efficency on network stack #hw.ix.enable_aim="1" #hw.ix.max_interrupt_rate="16000" #increase max interrupts #hw.intr_storm_threshold="9000" [image: 1556238943170-sysctl-resized.png] Hope that helps. Cheers!

Yes it does. It is listed as "default". That's what 0.0.0.0/0 is all about anyway! [image: 1556193675221-aaa657c2-01ae-4e73-a32c-a5dfaf21a1a8-image.png]

@homikaushal said in Data Transfer: I have a cisco 3560 8port swicth between pfSense and VMs. What is the exact switch model number ? IIRC some of the range are 10/100.

Hi, @Jungtv said in Convert pfSense from virtual machine to physcial machine: t 70 physical machines .... don't have internet access ... You could check with VMware how to clone the disk space. This way everything will be copied over, packages included. The basic idea of pfSense is : save the config file, and import it on another device But it will be not a 100 % pure "sit back and watch" experience : the network interfaces will probably be using other drivers, so other interface names. You have to re do that part of the setup for sure. Install a Ethernet router, not connected to the Internet is still like construction a swimming pool without any water in the neighbourhood. The question has been asked many times before, and I guess it's possible to preload the package files. It boils down to : are you a real FreeBSD expert ?

Well I hunkered down for a long list of troubleshooting, listed out the various things I was gonna try in the order I'd try them. I released and renewed DHCP under Status->Interfaces->WAN (while running a pcap) I restarted the modem with the WAN ethernet cable plugged in and the pfsense box powered on the whole time etc And I never got to spoofing the mac address or anything. The WAN IP was still 0.0.0.0 and the pcap looked the same after the first step but after a restart of the modem it grabbed an IP address!!!! I swear I power cycled the devices many times in a multitude of different orders of operations and it never worked. Maybe the release and renew of the dhcp, though not working before a modem restart, actually did something to help on the next modem restart. In any event, fingers crossed, i seem to finally be up. I don't understand why I had issues with only the Dell installation but at least I have learned a few things along the way:) Thanks for all your help!

@slightlybeige said in IP address conflict on new install despite changing it?: The fault I'm more interested in is how changing the interface IP appeared to somehow NOT change the interface IP. Connecting to an Interface and changing the IP is time critical. I can't test it right, now, but I guess you wind up having a big green Apply button. Ones hitting that, there will be a message that states that pfSense changes LAN settings, and a browser redirect should activate in "20 seconds". After the delay, the GUI should work on 192.168.1.4. If you connected your new pfSense to early, some of your network devices might have 'sniffed' that another "192.168.1.1" device was present on the network, and things go haywire. Btw : when starting up a new pfSense, I always activate the console access. Serial if possible, if not keyboard/VGA and by SSH also. Maintenance related to the GUI itself, IP changing, etc, I don't use the browser that, I use the console.

Hmm, that is usually OK to have enabled but yeah I;d just leave it disabled if it's causing a problem. Steve

Concur with Stephenw10 here, complex is normally not the best choice.. Why can you not just route/firewall with pfsense - if your current edge device can not be put in modem/bridge mode so that pfsense gets public IP on its wan.. Then just double nat.. Much simpler setup! Than bridging..

@johnpoz The AirVPN guide has the Do not pull routes checked so that is what I do. I do override the VPN to allow Netflix to work and also my email server but that is it. I learned something today. Thanks guys. Much appreciated Randy

Yes we usually don't make CE installer images for patch releases but made an exception for 2.4.4p1 as there were a number of nasty bugs in 2.4.4 it fixed. Things that could prevent you easily updating. Another good place to check is here: https://docs.netgate.com/pfsense/en/latest/releases/versions-of-pfsense-and-freebsd.html Steve

Many thanks Steve! You're a genius! adding route-nopull worked. VLAN30 is clear to isp and VLAN20 on VPN and does not go outside when the VPN connection is dead. Problem sorted!! Thanks again!!

I'm pretty sure the VPN wasn't the problem. I built this box from scratch. My old firewall worked no issues. This problem only started occurring when I went to this version. I also posted my issue on a Pfsense Facebook forum and I had a couple people confirm they also had the same issue when they went to version 2.4.4 p2. Their fix was to revert back a level. That isn't the best option for me at this time. I'm not an expert but I'm far from a novice.

Realize this topic is rather old but just wanted to update it that I went ahead and ordered caps from mouser that matched the spec of the ones I pulled off the board and got the old Firebox running again! Was even able to get it booting off a hard drive. Really appreciate all the insight offered!