uhm 1.7.11 was my doing, a trivial patch to permit uppercase name for the tabs on status monitoring https://github.com/pfsense/FreeBSD-ports/pull/662 idk but i don't think it can't be that I just ran the same commands on my 2.4.4-p3 and i had same results of @Gertjan. so all fine here

@stephenw10 That is a perfect temporary solution for us! Now I can at least get back into my LDAPS and user configs. Thanks! I'm going to do some testing in our non production environment and see if I get get things syncing again. Thanks for your help with this

@pfsensenoobie You need more than 4GB RAM in order to enjoy zfs's file caching. I have three pfSense boxes running with zfs and M.2 stripes. No problems so far. I think the greatest advantage of zfs is that you don't have to think about how you want to partition the drive. In case of heavy storms, one cannot exclude the risks due to induction damages caused by lightning...

@kiokoman yeah, i see the post now. why long time not fixed it? [image: LL11a2j.jpg]

@viragomann Thank you so much again. Everything is working, after disabling the hardware checksum offload. :)

It depends on how you configure the hypervisor interface. Unless you put VLAN 4095 on it the guest will see an interface with untagged traffic on the configured vswitch VLAN.

@KOM but this reinstalls all installed packages, doesn't it? I only need the missing ones.

With HPA you can hide memory from your operating system to over-provision the memory and increase its lifetime. It looks to me that your SSD indeed got bricked. Even if you can get it to work again (e.g. reflash its firmware if that is even possible with that specific drive) I would not use it again for anything critical like a router. I do not believe this happened due to a bug in pfsense. Updates are just very "hard" on disks compared to normal routing operation, so it could really just be a coincidence it broke during the update.

Ok, but what are you actually doing to get into 'safe mode' currently?

Have you unlocked the modem or replaced it's firmware? The second Ethernet port is not normally active on Openreach modems. Is it still running in modem mode? The only way you could connect two pfSense devices to the modem is if it's running as a router. In the default modem mode you use a PPPoE session from pfSense and you can't create two PPPoE sessions. You should use just one pfSense box behind the modem connected via PPPoE and have two subnets on separate interfaces behind that. You can that have them fully isolated or allow connectivity between them as required. Steve

This guide will get you going on how to create the VLANs you want. https://docs.netgate.com/pfsense/en/latest/book/vlan/pfsense-vlan-configuration.html You can then create firewall rules on each interface to restrict access outbound. By default, only the LAN interface gets a Default Allow rule that passes all traffic from LAN to anywhere. All other interfaces, ie your VLANs, will require at least one rule added in order for them to talk. I would stick with pfB instead of pihole as you then only have one device to worry about, and if pfSense goes down then you have bigger fish to fry then adblocking, ha! Bandwidth monitoring can be done with ntop or lightsquid, depending on if you want all traffic or just http/s. https://www.youtube.com/watch?v=_jBufEhP_IU You can do scheduling with pfSense but the interface is a little clunky, and you're limited to 15 minute intervals IIRC. You create a schedule and then create a firewall rule and link to it.

Devices can be found by broadcast on the local subnet, but that won't cross a router. I suspect that you will have to manually add the printer because it can't be found via auto-discovery.

No idea at this point. I would check for firmware/BIOS updates for your board if you haven't already done so. Also, you might want to check out pfSense 2.5-devel which is based on FreeBSD 12 I believe. Not for production use, but seems to work pretty well. https://www.pfsense.org/snapshots/

@davidthomas said in 2.2.6 to 2.4.4: Sorry it was implicit for me. The other way for me : never worked with "LDAP" .... But : important your settings, thena debug / test drive with the help of te https://docs.netgate.com/pfsense/en/latest/usermanager/ldap-troubleshooting.html and there is also a video about Netgate => pfSense on Youtube.

@johnpoz HOLY CRAP!!!!!! No idea why I didn't see it. I just don't think I ever scrolled down for some reason. Visited the page multiple times... Anyway thanks for the help!

@jimp hello sir, i have 4 ports NIC card and 2 ports NIC card attached to my box, and i have also 8GB RAM installed on it, installed ome packages on it like pfblocker, squid and so on., and when i look at yesterday morning, i saw Watchdog error in box, then i rebooted it twice, so far i didnt see those error as of now. Thanks jimp

Hard to say. I would simulate it virtually and see. What happens if you install 2.4.4-p3 in a VM and then restore your old 2.2.4 config?

So you have this [image: 1565369485140-setup.png] Not sure which network you have were exactly.. But if you don't want 192.168.2/24 (bottom network) from talking to 192.168.1 you would block it on the lan interface of pfs2 You would have allow rule to talk to pfs2 lan addres for dns, ping for example on the pfs2 lan rules Then you would have a block rule to 192.168.1/24 Then you would have a any rule to allow clients to talk to the internet.. Blocking 192.168.2 on pfs1 lan would be completely pointless and never happen, since pfs2 is directly connected to it. edit: Ah @KOM beat me too it, but he didn't draw a pretty picture like I did ;) heheheh