@terdexx89 said in pfsense : forward all LAN traffic to a proxy:

android phone connected to a proxy and make a vpn connection

Ok I'm a bit confused - are you saying your phone can not connect to this vpn connection unless it bounces off this proxy?

If pfsense can make a vpn connection to where your phone is connecting or any other vpn service on the internet, then you could route all clients behind pfsense through this vpn.. This is just a client vpn connection on pfsense and people do this all the time..

Pfsense does have the ability to use an upstream proxy, but I am not sure if it would then route its vpn connection through this proxy?

https://docs.netgate.com/pfsense/en/latest/config/advanced-misc.html#proxy-support

I take it your goal is to use pfsense to route your device behind pfsense through the vpn connection? Which users do all the time. What I am confused about is the added proxy? My understanding of the upstream proxy feature of pfsense is so pfsense can access updates and packages. I am not clear on if you set this upstream proxy, and then setup a client vpn connection in pfsense if it would make that connection through the proxy.

But once pfsense has this vpn connection, it is quite simple to route devices behind pfsense through this vpn connection.

edit:
If you want your vpn client on pfsense to bounce off a proxy, those settings are in the vpn client setup

https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/configure-client.html#proxy-settings

@leumasstudios said in HELP!! Can not get my new pfsense install connected to my ISP and don't have internet!:

and made sure to set the MAC address in pfsense to 63:e3.

That seems suspicious. You should not need to set the MAC address if it's using a dedicated NIC (pass through). If you did it implies something else is using that MAC and spoofing it in pfSense will break layer 2. It sounds like you may have ended up with ESXi using that MAC.

Steve

@WAR10CK said in Intel gigabit ct Desktop not detected:

AHCI enclosure management bridge

OK, pfsense recognizes the netcard, but why is it saying : AHCI enclosure management bridge under interface em0.
There is no link when I plugin the cable to em0.

The cable works fine in em1.

@stephenw10 probably, I'm not super knowledgeable on how this stuff works in the back end. It does make sense that its a driver limitation, or maybe bug? Either way its nice that autoselect works as it should. Can't wait to get my other cards in and top out my provisioned speed. I can see when running a speed test it maxes out my 1Gbe nic in my desktop 😂

I have to disagree on one thing only..
"planned obsolesce" is a fact not a myth,
not everyone applies this policy of course but there are alot of example out there proving this
the more evident one is for example to limit the life of a light bulb
Apple's use of pentalobe screws in their newer devices is an attempt to prevent the consumer from repairing the device themselves
Non-user-replaceable batteries
Smart chips in ink cartridges to prevent them from being used after a certain threshold constitutes "planned obsolescence"
when you design a board and you put capacitors in a place where the temperature is hot you know that the capacitor itself would last no more than 3 years. there are alot of triks to make everything with "planned obsolesce" in mind 😉
last example ... server grade vs consumer grade

There are ways to do this by sending logs to a remote syslog server and using third-party tools to scan the firewall log entries. However, be forewarned this will get very old to you very fast (getting alerts/emails for every unwanted firewall access attempt). A normal firewall will see dozens to maybe a few hundred connection attempts per day on the WAN side. Even if you limit the alerts to just a handful of ports, you will soon grow very tired of your email app "dinging" with new mail messages ... ☺ .

I say this in a nice way, "you must be new to firewall administration"... 😀. This is usually the first thing a newly minted firewall administrator thinks he wants until he has it, then he quickly turns it off.

@johnpoz
I use IPSec to create a site-to-site tunnel should the wireless bridge go down. (Hilariously, this is no longer working, but that is a different problem for a different day).

I wanted to use the pfSense for the VPN clients but had too much problems setting it up with the win 10 clients. I only have two VPN clients so it is not really a problem at the moment.

But I will probably sit and redesign the whole network. Or I should just get some hardware routers. The win 10 hosts are giving me hell as well.

Does anyone have a way to resole it?
Please help.

I imagine you will fine routing at the firewall between the internal subnets. That hardware is probably far in excess of what you need.

Steve