please clarify what you wish to achieve … don't try this with ascii-art, draw a proper schematic.

@Gertjan: Wait ! So, when choosing the automatic installl (hides all the technical details) it decides to make a 40+ Gb swap ? On a 32 Gb RAM system …. For info : on my 3 Gb system it never uses the swap. Yes, the installer makes the swap equal to 2xRAM. I have 16GB ECC RAM in that machine, so it made a 32GB swap. Someone should change that installer to ignore 2xRAM if the machine has enough for three reasons: It's a very old formula for deciding the size of the swap, when machines tended to have very little RAM. I am talking MBs not GBs For a machine that has enough RAM, swap isn't used much especially for a machine which is up 24/7 which pfSense would be. swap may be used in desktop OSes for hibernate etc, but for an appliance like pfSense, it's not used as much as indicated by many users here. @Gertjan: Btw : on a device like a firewall I would have opted for a raid 1 …. Knowing that you use 'old' drives ;) That would require me to have 2 drives. The only other 3.5" drive I have is a 500GB that I keep as emergency replacement for my FreeNAS box in case a drive fails. Also, wasting a 500GB drive for pfSense seems like a waste to me, especially since even 80GB would be more than sufficient for what I need it to do.

Scrap that, i found it under system/routing/gateways/advanced Thanks again

Well, not much more to do then. It's a ~12 year old laptop. Maybe try a verbose boot of 2.3 and see if you see anything more, but it sounds like recent versions of FreeBSD do not like that hardware. 2.2.x is based on a much older version of FreeBSD.

well, now they do  :o Thank you very much  :-* ;) solved!

""Bridge LAN ports to act like a switch".. but will just get a switch." Good choice!

Hi, It's not immediately clear what you are connecting here but the short answer is no. pfSense will block all incoming traffic on an interface by default so unless you add rules to allow traffic between those subnets it will not pass. If we had a diagram of what subnets you're connecting and a description of why we could probably offer more insight. Steve

No. And 2.4 is already using FreeBSD 11.0.

This all makes sense. Thank you.

I had the same issue just now on a new pfsense VM, seems switching back to the stable repo fixed it, so currently development repo is broken?

@Gertjan: Setting up a VPN before even have a WAN access ? I'm impressed. That's not quite what I meant. What I meant was setting up the new interface for the VPN service, CA.cert, tls key, options, the NAT/outbound/firewall on that interface etc. I didn't actually mean to connect to the VPN. D'oh ! @Gertjan: Knowing that pfSense is as easy to setup as DD-WRT (as a firewall / router) - if not easier, I advise you to: Setup the correct LAN, then: 3. 4. 2. Done. Point noted. Thanks.

Great news logbuilder!

Yeah. Just put them behind something else that NATs for them if they need internet access. Otherwise just put them on a blank VLAN or a host-only vswitch. You are going to have to really be careful if you want to access one 192.168.193 network from the "real" 192.168.193 network. And you won't be able to just tell a host on the "real" 192.168.193 network to access something on the test 192.168.193 network using that address. I know of no way that can be done while also maintaining separation between the two.

@stephenw10: That panic is the result of booting the upgraded drive? What happens when you try to boot the memstick install image? What image did you use exactly. Steve It was actually bad USB drive…, i put everything on different usb drive and load it with memstick and restored everything.

Yeah, verifying the sha256 sum of the public key is an important step but so is verifying the sha256 sum  and signature of the actual signed data. My understanding of the chain of trust is that the "fingerprint" ie sha256 sum of the public key used for signing is included in the distribution. That's step 1. Step 2 is using the public key to verify the signature, digests.sig.  That's what the command "openssl rsautl -pubin -inkey digests.pub -verify -in digests.sig -asn1parse" did. The fact that it returned an asn1 encoded sha256 hash tells me the signature was valid. The problem arises with step 3. Step 3 is verifying the asn1 encoded hash matches the sha256 sum of the actual digests file. That's where the mismatch occurs. See this link. https://lists.freebsd.org/pipermail/freebsd-ports/2014-February/089751.html

I have a windows server 2012R2 hyper-v with pfsense, among other things. I suggest you use the following setup: Create two virtual switches. Call one WAN and the other LAN. For the WAN switch, use external network, since it's an external NIC. Do not select allow the management operating system to share this nic. For the LAN switch, use external network, since it's also an external NIC. However, do select allow the management operating system to share this nic, so you can access the hyper-v from within the LAN. When you create the guest for pfsense, create it with two network adapters, one connected to each of the switches. When you install pfsense, you will need to know the MAC addresses of the two adapters so you can select hn0 and hn1, accordingly.

Tried Ctrl+F ? Or you want to search in multiple aliases if a IP exists in any of them with a single search action.?.