Just reporting that the 1.94 driver still works with 2.4.3. No issues so far. The change log is scary.

@mrrobot . I managed to solve the problem, but what exactly is going on? I can't say. Change DNS Resolution Behavior to "Use remote DNS Servers" and put 9.9.9.9 as your first DNS server.

@Gertjan I have two systems both 2.5-dev version . second system is up to date always. I keep an eyes on all updates and bug fixes (redmine) everyday i am testing both system in different ways. second system i didn't apply any patch and people can reuse voucher on other device so they get disconnected from old Aug 3 13:00:03 logportalauth 38072 Zone: campco - CONCURRENT LOGIN - TERMINATING OLD SESSION: 9478394944, 7c:78:7e:4d:1c:43, 10.10.21.188 Moving soon to FreeRADIUS base solution which has no issue with concurrent logins. I have already done initial testing in production environment.

@marcg Thank you for the tip. When I get some free time, I will check out the auto generated interface addresses prefix's.

@Cannondale Yeah, you're right the other one is an ET card. It adds support for SR-IOV and IPSec offload over VT card.

@georgelza said in pfSense not enabling port: @Gblenn Yes... the VM is started via the data centre and that won't allow you to start it twice. You will need to clone it and give it new name and IP. I'd prefer to have the VM Images on local mirror via Ceph, gives me speed and Ceph will make sure there is a copy on another node. Would like someone else to chirp in here... confirm this works with Proxmox. know other Hypervisors allow this. G Yes that is my understanding as well, although I have not tried it. And I totally agree that using the local nvme's will give you way more speed. I still suggest creating a PBS VM (Proxmox Backup Server) and perhaps map e.g. a disk on your TrueNAS for that. I've had a few instanses where I have wanted to "go back in time" and restore something from a few weeks back even. Typically because I messed up and didn't realize it until some time later. other than the official proxmox forum which does not seem to have much activity, anyone aware of a active/responsive proxmox community... otherwise wondering if we can get the admin's here to create a proxmox section ;) There is a virtualization section already, with plenty Proxmox activity... https://forum.netgate.com/category/33/virtualization

Can we see a screenshot of the exact settings you're trying to enter in the package? Is it possible your browser is auto-filling hidden fields? Steve

This 2.4.5-p1 version also has this problem

Ah it dawns on me there is one thing I should mention so someone else doesn't get caught. ARP cache played a huge part in this and an accidentally left over rule in one of the firewalls as well. The firewalls were basically competing to be the gateway so things would get weird like a vm would boot up with a gw then a while later change to another. Once ARP cleared up, everything was fine.

@BBcan177: Hi Ben, I already have request on Redmine to add this functionality for VirusTotal and other links. https://forum.pfsense.org/index.php?topic=73406.msg400956#msg400956 https://redmine.pfsense.org/issues/3508#change-13575 You can manually edit that file for now. Perfect. And now I also know where the issues log resides. Thanks. Ben

The original settings in this thread worked fine for me a few years ago when Verizon began rolling this out. Then they seemed to roll everything back in late 2023 and I went the whole of 2024 with no ipv6. I noticed this summer that I was seeing ipv6 addresses again and when looking into it, they appeared to have enabled it all again in Jan. of this year. But by the time I noticed over the summer, I had upgraded to the latest pfsense version and also switch over to KeaDHCP server. I tried using it for an online game and was noticing that I was getting dropouts for 15 minutes about every hour, so I just went back to using ipv4. This weekend I started looking at it more closely and found that every 1 hour 15 minutes, I would lose the ability to use ipv6. These are the entries I would see in my logs. The period from 9:52-10:04, I would have no ipv6 connectivity. IPv4 would renew the leases fine and connectivity there was unaffected. Oct 12 10:04:40 dhcp6c 55217 dhcp6c Received INFO Oct 12 10:04:39 dhcp6c 55217 Sending Renew Oct 12 10:04:36 dhclient 40170 bound to <redacted ip> -- renewal in 3600 seconds. Oct 12 10:04:36 dhclient 18404 Creating resolv.conf Oct 12 10:04:36 dhclient 17251 RENEW Oct 12 10:04:36 dhclient 40170 DHCPACK from <redacted ip> Oct 12 10:04:36 dhclient 40170 DHCPREQUEST on igb0 to <redacted ip> port 67 Oct 12 09:52:27 kea-dhcp6 21138 WARN [kea-dhcp6.alloc-engine.0x1c3afd017400] ALLOC_ENGINE_V6_ALLOC_FAIL_CLASSES duid=[<redacted>], [no hwaddr info], tid=0x6b0e2c: Failed to allocate an IPv6 address for client with classes: ALL, pool_lan_0, UNKNOWN Oct 12 09:52:27 kea-dhcp6 21138 WARN [kea-dhcp6.alloc-engine.0x1c3afd017400] ALLOC_ENGINE_V6_ALLOC_FAIL_NO_POOLS duid=[<redacted>], [no hwaddr info], tid=0x6b0e2c: no pools were available for the lease allocation Oct 12 09:52:27 kea-dhcp6 21138 WARN [kea-dhcp6.alloc-engine.0x1c3afd017400] ALLOC_ENGINE_V6_ALLOC_FAIL_SUBNET duid=[<redacted>], [no hwaddr info], tid=0x6b0e2c: failed to allocate an IPv6 lease in the subnet <redacted ip>::/64, subnet-id 1, shared network (none) Oct 12 09:52:27 kea-dhcp6 21138 WARN [kea-dhcp6.alloc-engine.0x1c3afd016d00] ALLOC_ENGINE_V6_ALLOC_FAIL_CLASSES duid=[<redacted>], [no hwaddr info], tid=0x6b0e2c: Failed to allocate an IPv6 address for client with classes: ALL, pool_lan_0, UNKNOWN Oct 12 09:52:27 kea-dhcp6 21138 WARN [kea-dhcp6.alloc-engine.0x1c3afd016d00] ALLOC_ENGINE_V6_ALLOC_FAIL_NO_POOLS duid=[<redacted>], [no hwaddr info], tid=0x6b0e2c: no pools were available for the lease allocation Oct 12 09:52:27 kea-dhcp6 21138 WARN [kea-dhcp6.alloc-engine.0x1c3afd016d00] ALLOC_ENGINE_V6_ALLOC_FAIL_SUBNET duid=[<redacted>], [no hwaddr info], tid=0x6b0e2c: failed to allocate an IPv6 lease in the subnet <redacted ip>::/64, subnet-id 1, shared network (none) After fooling around with various settings and searching online, I came to the conclusion that pfsense's implementation of KeaDHCP did not appear to handle renewals of the prefix delegation. I don't know if that is the right conclusion, but the config that was being generated looked to have hard coded subnet ranges and never used Kea's pd-pools config block. Ultimately, all I did to "fix" this was to disable the KeaDHCP service on my LAN interface and change the Router Advertisment-->Router Mode from Managed to Assisted and let my clients sort ipv6 themselves instead of having the router do DHCP. I could set it to Stateless but if someone can tell me what I was doing wrong I'll try and set up DHCP6 again. As I could not find others online having this problem, I assume I did not have the DHCP server configured correctly, but at least for my use case, I don't actually need DHCP6. [image: 1760369517889-beb9b838-c78b-496e-813b-653f044d6232-image.png] Since making that change, my ipv6 dropouts ceased. Also, an unexpected 1.5-2ms reduction in ping time to the target I was using. [image: 1760369744926-42176401-a3c8-4d22-b829-a9b5c0b4516a-image.png] Hopefully this helps others who might end up in a similar boat. This and the now lost thread on dslreports.com were tremendous resources for getting this working originally.

@thebear Ah, the order was incorrect! Could have known that :(. Changed the order and will do some further testing; let you know!

Hi all, I do not know much about pfsense command line. Wondering if someone can help me step by step ? Do I need command line access to the router or I can use the web access to the router ? Can I use the command prompt section ? So I have to create 2 executable files name notify.sh and disconnect.sh ? How I am going to create these files ? I think I got the part to set the permissions. How can I set the permissions ? by using Execute Shell Command section on the web ? What will be in those two files ? So same code in both files ? @Armstrong said in Email Notification - OpenVPN Client Connect (Common Name): #!/usr/local/bin/php -q <?php require_once("/etc/inc/notices.inc"); $local_connect_value = " user_name: " . getenv('common_name') . " vpn_client_ip: " . getenv('ifconfig_pool_remote_ip') . " from: " . getenv('trusted_ip') . " on " . date('F j, Y, g:i a'); if ( strrchr (FILE , 'disconnect') ) { $local_connect_value .= ", duration : " . getenv('time_duration') . " seconds, received : " . getenv('bytes_received') . " bytes, send : " . getenv('bytes_sent') ." bytes. DISCONNECTED."; } notify_all_remote($local_connect_value); ?> Am I coping from <?php or from #!/user ? If it is from <?php then what I have to do with first line #!/usr/local/bin/php -q Is it possible some one can help me step by step and also tell me which part of the webconfigurator I need to use to do all this please ?

You should be able to boot pfSense fairly easily, you just end up with only 3 working ports; the two SFP ports and the management port. It would be nice to have the other 24 ports accessible. Did you reach that point? Steve