Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    1. Home
    2. Recent
    Log in to post
    Load new posts
    • All Topics
    • New Topics
    • Watched Topics
    • Unreplied Topics
    • All categories
    • All tags
    • R

      SG-1100 Recovery Help Needed

      Watching Ignoring Scheduled Pinned Locked Moved General pfSense Questions
      11
      0 Votes
      11 Posts
      88 Views
      stephenw10S

      Yes that's correct. The 1100 has only one NIC (mvneta0) and an internal switch with VLANs to separate the ports. But, as I said, you shouldn't need to make any changes there it's detected and set automatically for any Netgate device.

    • S

      rename boot environments

      Watching Ignoring Scheduled Pinned Locked Moved General pfSense Questions
      3
      0 Votes
      3 Posts
      180 Views
      S

      @Gertjan shame on me! Didn't see that ... thanks a lot!

    • T

      Upgrading Unbound version for latest pfSense Plus release?

      Watching Ignoring Scheduled Pinned Locked Moved DHCP and DNS
      3
      1 Votes
      3 Posts
      108 Views
      GertjanG

      @tman222 said in Upgrading Unbound version for latest pfSense Plus release?:

      (I didn't see it listed in the 25.07 release notes when I looked earlier).

      A couple of days (weeks ?) one of the latest pfSense Plus Beta or RC already included 1.23. That's the version I use right now.
      Since February 2025, 1.22.x was used, that's according my own release notes (I always log the upgrade process, executed form console, option 13, to a file. I don't use the GUI upgrader as that one tend to hide the obfuscate the interesting stuff.)

      If the newest unbound version, 1.23.1, concerns the 'pfSense' version of unbound, then 1.23.1 will probably be included soon.

      edit :
      @w0w => 👍

      We can actually check :

      [25.07-RC][root@pfSense.bhf.tld]/root: unbound -V Version 1.23.0 Configure line: --with-libexpat=/usr/local --with-libnghttp2 --with-ssl=/usr --enable-dnscrypt --disable-dnstap --with-dynlibmodule --enable-ecdsa --enable-event-api --enable-gost --with-libevent --with-pythonmodule=yes --with-pyunbound=yes ac_cv_path_SWIG=/usr/local/bin/swig LDFLAGS=-L/usr/local/lib --disable-subnet --disable-tfo-client --disable-tfo-server --with-pthreads --prefix=/usr/local --localstatedir=/var --mandir=/usr/local/share/man --infodir=/usr/local/share/info/ --build=amd64-portbld-freebsd15.0 Linked libs: libevent 2.1.12-stable (it uses kqueue), OpenSSL 3.0.16 11 Feb 2025 Linked modules: dns64 python dynlib respip validator iterator DNSCrypt feature available BSD licensed, see LICENSE in source package for details. Report bugs to unbound-bugs@nlnetlabs.nl or https://github.com/NLnetLabs/unbound/issues

      so the CVE deosn't apply.

    • A

      Can't receive GeoIP databases updates anymore, banned

      Watching Ignoring Scheduled Pinned Locked Moved pfBlockerNG
      4
      0 Votes
      4 Posts
      170 Views
      GertjanG

      @AlexK-0 said in Can't receive GeoIP databases updates anymore, banned:

      Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates.

      You've found a reason to use a VPN.

    • M

      Netgate Documentation on DNS over TLS and NOT using DNSSEC

      Watching Ignoring Scheduled Pinned Locked Moved DHCP and DNS
      17
      0 Votes
      17 Posts
      277 Views
      johnpozJ

      @tinfoilmatt said in Netgate Documentation on DNS over TLS and NOT using DNSSEC:

      I've never encountered any problems

      And what have you gained by asking for something that has already been done.. You mention you leave 0x20 off for performance - but want to do a bunch of queries for dnssec that make no matter?

    • S

      Upgrade from 2.7.2 to 2.8.0 Failed and now /boot/efi/ empty

      Watching Ignoring Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
      28
      0 Votes
      28 Posts
      435 Views
      S

      @stephenw10 Unfortunately I am going to have to wait till I can bring down the network to test. If I take it down now and it doesn't come back up I will be having some hell to pay from the family...lol. 😃

    • C

      FreeBSD apps to load behind pfSense?

      Watching Ignoring Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
      10
      0 Votes
      10 Posts
      302 Views
      C

      @bmeeks Thank you.

      Your points are excellent. I believe I will back off from adding more supplemental apps. Adguard Home works with OPNsense as a 3rd party add-on without complaint so I will leave that alone for now. But I will also keep an eye out for issues with that configuration.

      Worst case is a reinstall of pfSense and a restore of the backup configuration. My Windows Adguard Home servers are available if needed.

    • M

      How to update to the latest Tailscale version?

      Watching Ignoring Scheduled Pinned Locked Moved Tailscale
      163
      1 Votes
      163 Posts
      47k Views
      luckman212L

      For 25.07 RC, this worked for me (run sh first)

      [25.07-RC][root@r1.lan]/root: sh # export IGNORE_OSVERSION=yes # pkg add https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.84.2.pkg # service tailscaled restart # tailscale up # tailscale version 1.84.2 go version: go1.24.4 # tailscaled -version 1.84.2 go version: go1.24.4
    • G

      failed to fetch the repo data. Unable to perform update from 2.7.2 to 2.8.0 after restoring crashed 2.8.0 pfSense.

      Watching Ignoring Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
      8
      0 Votes
      8 Posts
      245 Views
      G

      @Wolfgangthegreat
      ...and to @comet424

      I wasn't able to perform the 2.8.0 update this weekend, but when I got to the school this morning, it worked perfectly!

      I appreciate the support from both of you, and from Netgate.

      The backup/standby pfSense instance is back in place and ready in case I have a hardware failure, or a failure of the gray matter between my ears!

      My best to all of you.

    • Z

      VPN Client Not Using pfSense DNS Server (10.60.0.252) After Connecting via OpenVPN

      Watching Ignoring Scheduled Pinned Locked Moved General pfSense Questions
      6
      0 Votes
      6 Posts
      100 Views
      stephenw10S

      Because 10.60.0.252 is the server end of the VPN tunnel at pfSense. The local DNS resolver (Unbound) listens and responds on that IP and that is where the override is set.

      Where as 8.8.8.8 is Google's DNS service that knows nothing about any local overrides you might have set. When clients use that DNS server is bypasses any local DNS overrides.

    • luckman212L

      6100 Firmware 03.00.00.03t-uc-126

      Watching Ignoring Scheduled Pinned Locked Moved Official Netgate® Hardware
      4
      0 Votes
      4 Posts
      163 Views
      stephenw10S

      Nice. Weird though. 😕

    • N

      HAProxy configuration for roundcube

      Watching Ignoring Scheduled Pinned Locked Moved HA/CARP/VIPs
      4
      0 Votes
      4 Posts
      59 Views
      V

      @NickJH
      Not clear, what you intend to achieve with this, but the Directory container in Apache is meant to be used for local paths. "/" might not be correct here.

      If you need to describe a virtual path use "Location".

    • W

      Packages config is retained in upgrade?

      Watching Ignoring Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
      3
      0 Votes
      3 Posts
      75 Views
      S

      @Wolfgangthegreat For example (this is checked by default):
      8544523b-d69b-4088-b221-d2532912455c-image.png

    • M

      Another failed 2.8.0CE installation due to repo connectivity issues.

      Watching Ignoring Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
      4
      0 Votes
      4 Posts
      150 Views
      stephenw10S

      There was a backend issue that's now fixed.

    • R

      Dynamic dns don't work with carp ip

      Watching Ignoring Scheduled Pinned Locked Moved HA/CARP/VIPs
      8
      0 Votes
      8 Posts
      213 Views
      M

      @lbeard said in Dynamic dns don't work with carp ip:

      Done => https://redmine.pfsense.org/issues/16326

      Great, thanks 👍 👍

    • J

      Gtek 2.5G (Intel I225 Controller) PCI-E x1 Network Card not recognized by the pfsense

      Watching Ignoring Scheduled Pinned Locked Moved Hardware
      14
      0 Votes
      14 Posts
      304 Views
      GertjanG

      @johnytb said in Gtek 2.5G (Intel I225 Controller) PCI-E x1 Network Card not recognized by the pfsense:

      can you explain to me what exactly is this interface that you show here ?

      That's pfSense most important interface 😊
      The one that works when even all your NICs don't work.

      Its called : the console, which could be a serial connection, or, if you have VGA/HDMI build in, it could be that and a (USB) keyboard.
      Or : If the LAN NIC is working, you 'ssh' into your pfSense using a SSH client like putty or classic 'ssh'.

      Keep in mind : what happens when you have a disk drive issue ?
      => pfSense can't boot.
      => Network interfaces will all by down ...
      You the the console (serial or VG/HDMI/Keyboard) access.

      For command line commands I use the ... command line = console (or SSH) access.

    • T

      Does not have a public address and is behind NAT

      Watching Ignoring Scheduled Pinned Locked Moved IPsec
      4
      0 Votes
      4 Posts
      47 Views
      T

      @Gertjan said in Does not have a public address and is behind NAT:

      Managed to solve the problem.

      You need to enter any fictitious name and your external IP in DNS Resolver. I entered both my pfsense on one and the second pfsense.Снимок экрана 2025-07-21 в 15.38.01.png In phase 1 you need to register.
      Снимок экрана 2025-07-21 в 15.39.32.png
      After which everything started working.
    • N

      [2.8.1.b] Multiple limiter issue

      Watching Ignoring Scheduled Pinned Locked Moved Development
      11
      0 Votes
      11 Posts
      551 Views
      stephenw10S

      Ah OK I see, the names threw me!

    • J

      Firewall gateway address in ipv6

      Watching Ignoring Scheduled Pinned Locked Moved IPv6
      4
      0 Votes
      4 Posts
      96 Views
      J

      Hi @SteveITS.

      That was an excellent tip, I had missed the "self" target completely. This allowed me to get rid of all of my firewall aliases I needed earlier.

      Thanks!

    • N

      pfSense on Watchguard M370

      Watching Ignoring Scheduled Pinned Locked Moved Hardware
      314
      1 Votes
      314 Posts
      150k Views
      D

      @stephenw10 I don't have enough points to upvote, so I'll just say thank you Stephen 👍 !

      Now, if the seller agrees to selling me that M570, I should be good to tackle this thanks to all the good info supplied by the community in this thread :)