It can depend on the switch/router on the other end of the cable. For instance with Comcast routers often when replacing a router in an office (inside the Comcast router) I've found it's fastest to power off or reboot the Comcast router so it learns the IP has a new MAC. If you have the second router on, and are just plugging in cables, I would wonder if restarting the second router (or just leaving it off and powering it on) would help.

But overall CARP set up properly works basically instantly so that would be preferred. https://docs.netgate.com/pfsense/en/latest/book/highavailability/index.html

@NollipfSense @tompark
ok so here are the results of my efforts last night until 0130!
I am currently unable to get my plex to work.
the plex server is on the server 192.168.1.251 and I am trying to access it via the tv firestick. can anyone help?

Skynet.jpg

The entire running config can be backed up from Diag > Backup/Restore.

The file is /conf/config.xml if you're digging through the filesystem directly.

https://docs.netgate.com/pfsense/en/latest/backup/index.html

Steve

@ccigas said in Basic Firewall Set Up:

I guess from there, I would not have to allow DNS or HTTP/S through the firewall from there or is that not needed?

Typically, on an second LAN interface - called OPTx - you would block http and https acces to the Firewall (= pfSense) itself.
Don't block DNS, devices could use pfSense as a DNS, or whatever other DNS they want to use on the net.

@ccigas said in Basic Firewall Set Up:

For the DNS, it seemed to only work
pfSense doesn't use or care about DNS in receives from upstream routers.
The resolver - unbound - uses the 13 main root DNS servers (the real back bone of the Internet) to find domain info. That will always works.
There is no need - isn't used by default :
Ustream DNS servers,
ISP DNS servers,
Private info collection servers (Google and others);
etc.

If the default resolver doesn't work, something is wrong with your Internet access.

Btw : 'named' or bind, isn't used by pfSense. bind is much bigger and capable, and offers functionalities that hugely surpasses the needs of a firewall.

Hey all.

I hate to dig up a long dead thread, but I was wondering if this ever got resolved (other than reinstalling Pfsense and restoring from a working config.

Having a similar issue actually on my machine.
Little more background: these issues started with an attempted install of a freeRadius package. It was having trouble, giving similar "assigning address" errors (didn't screenshot at the time. apologies). I gave up, thought nothing of it, and removed the freeradius package and then my pfblockerng dns blacklist started giving me trouble. I restored to a config that I knew was working, but that also did not solve the problem. I've tried reinstalling pfblocker, totally deleting the config, and resetting it up, rebooting the whole pfsense box, and continue to get the same error.

I still could reinstall pfsense from scratch, and then restore that config file, but have there been any updates?

Hmm, well if you use Squid/Squidguard to do web filtering I would want to see 2 cores there really, at least.

Steve

https://calomel.org/ has some great info on chelsio

I would suggest you reconsider the configuration of your setup with pfSense, by following this guide:
https://www.netgate.com/docs/pfsense/wireless/use-an-existing-wireless-router-with-pfsense.html