So your on-prem Webserver is also running as OpenVPN client which is connected to your gcloud pfSense? You are only running this one pfSense? What is your OpenVPN mode?

-Rico

There are ways to do this by sending logs to a remote syslog server and using third-party tools to scan the firewall log entries. However, be forewarned this will get very old to you very fast (getting alerts/emails for every unwanted firewall access attempt). A normal firewall will see dozens to maybe a few hundred connection attempts per day on the WAN side. Even if you limit the alerts to just a handful of ports, you will soon grow very tired of your email app "dinging" with new mail messages ... ☺ .

I say this in a nice way, "you must be new to firewall administration"... 😀. This is usually the first thing a newly minted firewall administrator thinks he wants until he has it, then he quickly turns it off.

Tu problema es muy simple, No leíste las especificaciones ni recomendaciones del software que soporta el servidor HP proliant ML310e Gen 8. Si lo hubieras hecho, te darías cuenta que el MONOPOLIO HP, recomienda sólo instalar Micro$soft Windows Server, Red Hat, Suse Linux Enterprise y vmWare. Cualquier otra cosa que quieras instalar, será por tu cuenta y ellos NO te van a dar soporte. HP ProLiant ML310e Gen8 Server - Overview

Fue por esta razón, que no volví a recomendar servidores HP, porque compras algo que es tuyo, pero realmente NO lo es.

El principal y único problema es su HPE Dynamic Smart Array B120i Controller, HP no quiere liberar los controladores para otros sistemas operativos y la forma en que podrías solucionarlo, es desactivando la tarjeta del SETUP del BIOS, pero si tenes algún arreglo de discos, lo vas a perder y tendrías que hacer arreglos por software (lo cual no es muy seguro), o en su defecto, comprarte por aparte una tarjeta de arreglo intel, que no te limite el SO que quieras instalar, eso es lo que tuve que hacer yo.

Lo otro es instalar vmWare Sphere ESXi y desde ahí virtualizar cualquier sistema operativo.

Este tema se ha tocado varias veces en el foro, te recomiendo que los busques o tomes en cuenta el comentario que te dejé.

There isn't a powershell script I'm aware of, but you can connect with ssh and run pfSsh.php playback changepassword admin, then enter the new password and confirm it.

Together with something like clusterssh or tabs with shared input in SecureCRT you could change a bunch to the same password all at once.

All..... The script came from user Remzej. I have it on a cron job to check every 5 minutes (we are a busy proxy environment)...

*/2 * * * * root /usr/bin/nice -n20 /usr/local/bin/php-cgi -f /usr/local/pkg/monitor_memory_usage.php

#!/usr/local/bin/php-cgi -f
<?php
/*

monitor_memory_usage.php

part of pfSense (https://www.pfsense.org)

Copyright (c) 2011-2015 Rubicon Communications, LLC (Netgate)

All rights reserved.

Licensed under the Apache License, Version 2.0 (the "License");

you may not use this file except in compliance with the License.

You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software

distributed under the License is distributed on an "AS IS" BASIS,

WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

See the License for the specific language governing permissions and

limitations under the License.
*/
require_once('config.inc');
require_once('util.inc');
require_once('squid.inc');
global $config;

// Monitor memory usage by remzej
// Get SWAP usage funtion
function swap_usage() {
exec("/usr/sbin/swapinfo", $swap_info);
$swap_used = "";
foreach ($swap_info as $line) {
if (preg_match('/(\d+)%$/', $line, $matches)) {
$swap_used = $matches[1];
break;
}
}
return $swap_used;
}

// Get memory usage function
function mem_usage() {
$memory = "";
exec("/sbin/sysctl -n vm.stats.vm.v_page_count vm.stats.vm.v_inactive_count " .
"vm.stats.vm.v_cache_count vm.stats.vm.v_free_count", $memory);

$totalMem = $memory[0]; $availMem = $memory[1] + $memory[2] + $memory[3]; $usedMem = $totalMem - $availMem; $memUsage = round(($usedMem * 100) / $totalMem, 0); return $memUsage;

}

// Get memory and SWAP usage value
$memusage_pct = mem_usage();
$swapusage_pct = swap_usage();

// Display memory usage
echo "Memory Usage: " . $memusage_pct . "%" . PHP_EOL;
echo "SWAP Usage: " . $swapusage_pct . "%" . PHP_EOL;

// If memory usage is above 90%, stop and restart squid services.
if (($memusage_pct > 90) or ($swapusage_pct > 80)) {
squid_stop_monitor();
if (is_service_running('squid')) {
stop_service("squid");
}
squid_restart_services();
log_error(gettext(sprintf("[squid] Memory usage is $memusage_pct percent, Swap Usage is $swap_usage percent, stopping and restarting services.")));
}
log_error(gettext(sprintf("[squid] Memory usage is $memusage_pct percent and Swap Usage is $swapusage_pct")));
?>

In case this will help any one else, I've figured this out....

Here is a link on how to find the logs for NPS...

https://social.technet.microsoft.com/Forums/windows/en-US/45aa3000-c32b-483b-8d6e-565b56b163fc/how-to-check-the-nps-logs-in-the-event-viewer?forum=winserverNAP

Basically there are text file logs in c:\Windows\System32\LogFiles\In* , or you can check in Event Viewer under Diagnostics -> Event Viewer -> Custom Views -> Server Roles -> Network Policy.

In my case, the problem users were set to "Deny Access" under the "Dial In" tab of the user properties in AD Users & Computers. Setting to Allow Access fixed it up.

If you don't see the "Dial In" tab, this may be of help :

https://support.microsoft.com/en-ca/help/975448/the-dial-in-tab-is-not-available-in-the-active-directory-users-and-com

For me, I had to be on the server to get that tab, not accessing Active Directory Users and Computers on another PC.

Hope this will help someone else.

Thanks, Derelict for pointing me in the right direction!

There are many how to's on the youtube and interwebs. Here is one I have saved

https://www.youtube.com/watch?v=W2gy1bLHm5o

Skip the pfsense install part as it goes through the whole process from pfsense setup to squid, to squidguard, and lightsquid. Squidguard itself is not hard to setup once you have setup you squid transparent proxy which is basically enabling squid, checking transparent proxy, settings caches and that's it for squid then switch to squidguard and configure it. I have squid setup as an HAVP sine it is built into the squid package now and not a separate package before 2.3. Overall there is are many video and guides with pictures to assist in setting up or helping troubleshoot pieces of pfsense you need help with when you google for it such as in your case "pfsense squidguard setup". Don't hesitate you use your Googlefu.

I imagine you will fine routing at the firewall between the internal subnets. That hardware is probably far in excess of what you need.

Steve