pfSense® Software

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Subcategories

Messages from the pfSense Team

Announcements and information about pfSense software posted by the project team

142
Topics

1036
Posts

https://www.netgate.com/blog/netgate-integrates-pfsense-with-google-cloud-identity.html Google announced some Cloud Identity features today, one of which is secure LDAP to authenticate GSuite users. We have worked with Google to ensure this works well with pfSense, and have done some work to make it even easier on the factory version of the upcoming 2.4.4-p1 release. You have to jump through a couple hoops in GSuite to set it up and fetch some info you need, then you can make pfSense use the service as an auth server.
General pfSense Questions

Discussions about pfSense software that do not fit into one of the more specific categories below.

16382
Topics

88084
Posts

N

The FreeBSD 11.2 hardware notes show the Intel PRO/1000 PT Quad Port Server Adapter (82571) is supported with the em(4) driver. I'm about to purchase one of these cards, however, the documentation shows the controller is an Intel 82571GB. Before I make this purchase, does anyone know if the 82571GB controller is compatible with FreeBSD 11.2? I'm not sure if the GB has anything to do with it or not. Any suggestions would be helpful. Thank you.
Installation and Upgrades

Discussions about installing or upgrading pfSense software

7412
Topics

45226
Posts

Mmm, there was a report that was broken in 2.4.X but I was unable to test at the time. It did seem to break IPv6 though. Does Zen give you v6? Steve
Firewalling

Discussions about firewalling functionality in pfSense software

6603
Topics

36522
Posts

R

Deploy some VPN like OpenVPN or IPSec to make internal Services accessible from outside of your network. -Rico
NAT

Discussions about Network Address Translation (NAT)

4056
Topics

21605
Posts

J

In case anyone was curious about what my issue was it was indeed the SSH terminal server that wasn't responding. The boiled down version is I am using a layer 3 Cisco router as an async terminal server. Overkill but this is the hardware I had so I'm using it. The gateway was indeed set to the pfSense however apparently because of the configuration I am using with ip alias and vty; routing is enabled. When routing is enabled the Cisco ignores the default-gateway for obvious reasons. The order in which I programmed and tested configuration had me believing the gateway was being used. Ultimately it was Derelict @Derelict on here that got me pointing in the right direction. I was too deep in the forest to see the trees. Once he proposed the foreign subnet and gateway suggestion this made me verify again the route information on the Cisco. This is when I discovered the gateway was no longer the default-gateway despite my running config stating such. I can't recall the forum post on Cisco forums however it was this information that made me realize that I have to run my terminal server in router mode whether I wanted to or not so I setup a static route to point to the pfSense at the gateway. This got things chooching again. Thanks for the help!!!
HA/CARP/VIPs

Discussions about High Availability, CARP, and utilizing additional IP addresses

1755
Topics

7762
Posts

You should be able to access it on its interface address(es) instead of the CARP VIP(s).
L2/Switching/VLANs

Discussions about Layer 2 Networking, including switching and VLANs

53
Topics

386
Posts

@broonu said in Help with VLANS in BRIDGE: we're using a bridge just to optimize the ranges to dhcp server Gibberish... That has ZERO to do with multiple vlans.. If you want 1 layer 2 then you use 1 vlan.. Once you create the bridge no matter what vlan ID you put on them if connected to the same bridge then you have 1 layer 2, all the same broadcast domain.
Routing and Multi WAN

Discussions about routing and Multiple WAN uplinks (WAN Failover, WAN Load Balancing, etc.)

6134
Topics

28556
Posts

F

Hi, i have a WAN and a WWAN interface both in a gateway group with "packet loss or high latency" trigger. If I set default gateway to that failover gateway group and I pull WAN cable, the default gateway doesn't jump to the WWAN interface. BUT if I set default gateway to automatic, it works like a charm. Is this a right behaviour of pfsense?
Traffic Shaping

Discussions about traffic shaping and limiters

2483
Topics

13370
Posts

S

Thanks for cake + OpenWRT in bridge mode suggestion. For my 150mbps+ speeds I was suggested ipq806x based or mvebu (cortexa9) device on the irc. Can't wait for it to arrive next week.
DHCP and DNS

Discussions about DHCP, DNS Resolver (Unbound), DNS Forwarder (dnsmasq), and general DNS issues

3694
Topics

20868
Posts

V

Well, maybe it's not pfSense or Unbound... Because I tried the GRC test (which isn't a "nonsense 'leak' test"; it's intended mainly to test port and query ID entropy) on my iPhone, not connected to my WiFi network (just using Verizon LTE) and the test still failed. Maybe there's a larger issue with the means these various DNS tests use to determine their results. Maybe there's something about IPv4 vs IPv6? (GRC's site doesn't support IPv6, not sure about the DNS server(s) his site uses though). I guess I'll be bookmarking that DNS-OARC test for future use then. :)
IPv6

Discussions about IPv6 connectivity and services

1187
Topics

9698
Posts

attached output of ifconfig on WAN and DMZ interface 0_1539983052922_ifconfig-pfsense.txt
IPsec

Discussions about IPsec VPNs

3949
Topics

15791
Posts

This is fixed in 2.4.4. If you are having issues try again on 2.4.4.
OpenVPN

Discussions about OpenVPN

5873
Topics

30521
Posts

B

@netblues this is my mistake in the content of the post, port 40 000 or 9 they are default, I tested both.
Captive Portal

Discussions about Captive Portal, vouchers, and related topics

2810
Topics

13690
Posts

I

anybody else who can help please
webGUI

Anything that does not fit in other categories related to the webGUI

1470
Topics

6837
Posts

S

thanks to you. i'm reasonably proficient with BSD, but pfsense definitely saves some time even with such glitches. thumbs up for the nice work.
Wireless

Discussions about wireless networks, interfaces, and clients

1476
Topics

8614
Posts

M

Hey guys, I'm not sure if this is the right area for those questions, but here I am. I'm trying to set wifi through my pfSense. I followed this tutorial and managed to make wifi work when setting static IP to my cellphone, but I can't make it get DHCP. When I try to connect without static IP, it just hangs there trying to get an IP address. About the proxy issue, I can access anything normally, but it's not being logged to E2Guardian. These are the rules I've set on WIFI interface: I have pfSense 2.4.3 with E2Guardian5. Interfaces: Although I have DHCP in my network, I've set all devices to their static arp entries, - including the one I'm trying to connect to pfSense (and it works normally when inside LAN, - PCs and cellphones).
SNMP

Discussions about monitoring via SNMP

145
Topics

444
Posts

B

That's great. Thanks for all your (speedy) help!
Documentation

Discussions about pfSense documentation, including the book

135
Topics

1049
Posts

Loading the configuration from USB during the installer requires using DOS/FAT32 formatted USB media, thus the Windows-style path in that specific instance. It's the odd one, otherwise we prefer to use UNIX-style paths.
Development

Topics related to developing pfSense: coding styles, skills, questions etc.

2.4 Development Snapshots

1402
Topics

8614
Posts

T

I am having the same issue for the last 2 nightly updates. I have tried the same and have experienced the same results.
Gaming

Discussions about playing network-based games behind pfSense from consoles, PCs, etc.

305
Topics

1877
Posts

A

I think you are trying to do too many things at once. I'd break it down and try to figure out a thing at a time and get it working. If you remove the VPN from the picture, are you able to get the XBox to open? NordVPN does not forward ports so you'll never get an open NAT using them. There are a few providers from my searching that do support port forwarding. I personally use TorGuard as they support port forwarding and seemed a fair price point. To get a single IP to go through the VPN, I made an alias for my traffic group and set a rule so it goes through my VPN gateway. Here is an example of what my rules look like.
Virtualization

Discussions about virtualizing pfSense in hypervisors such as AWS, VMware, Hyper-V, Xen, KVM, qemu, etc

1313
Topics

7906
Posts

J

I'm trying to be a virtualized 10 gigabit router for my home network and I'm struggling to get over 1 gigabit speeds on my virtualized pfSense install on Hyper-V. Spec of Hyper-V VM: 4 cores i7 4790k 4.6ghz 4096mb of ram Intel X550-T2 gigabit nic I've tried disabling all VMQ's, hardware offloading, etc. But I still can't get over 600megabits when running speed tests. Any ideas? I can post more information if needed.
Hardware

Discussions about pfSense hardware support

Vendors

6105
Topics

52335
Posts

Yes, using an external, Ethernet connected modem is the recommended option here. I personally have a Sierra EM7305 and have seen the US version, EM7355 work OK in ppp mode. The EM7455 should also work fine. But all are limted by the ppp link to what I think is 42Mbps. As a backup that works fine for me. I'm in a high signal strength area. I we could just persuade someone to port the umb driver from OpenBSD to FreeBSD that would be great. Steve
Bounties

Discussions about collaboratively raising money for a feature. To start a thread you must offer a starting price and be very specific on the feature you would like to see.

Completed Bounties
Expired/Withdrawn Bounties

432
Topics

5776
Posts

T

If this can get to production, I'll gladly contribute $50 as well.
Retired

Categories that are no longer active, but are present for reference

2.3.3 Development Snapshots
2.3.2 Development Snapshots
2.3.1 Snapshots Testing and Feedback - ARCHIVED
2.3-RC Snapshot Feedback and Issues - ARCHIVED
2.2.5 Snapshot Feedback and Issues
2.2.3 Snapshots Problems and Feedback - ARCHIVED
2.2 Snapshot Feedback and Problems - RETIRED
2.1.1 Snapshot Feedback and Problems - RETIRED
2.1 Snapshot Feedback and Problems - RETIRED
2.0-RC Snapshot Feedback and Problems - RETIRED
1.2.3-PRERELEASE-TESTING snapshots - RETIRED
1.2.1-RC Snapshot Feedback and Problems-RETIRED

8027
Topics

50085
Posts

C

@RonpfS: https://forum.pfsense.org/index.php?topic=126523.msg699285#msg699285 Thank you very much :)

pfSense® Software

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

1 / 1