• 0 Votes
    7 Posts
    1k Views
    J
    I created a boot usb drive. Once I turned the 5100 on with that in, I was able to re-install with zfs and eventually apply my config xml. Thanks again!
  • 0 Votes
    6 Posts
    969 Views
    M
    @gertjan yes, it was pfblockerng-devel v3.1.0_6. I have blocklists set to prevent traffic coming from "non friendly countries", basically, asia region, russia, some northern countries + africa. But I agree, it is quite weird. I've now made several tests with pfblocker-ng enabled/disabled, etc.. and always see the BW drop when pfblocker-ng is enabled. [image: 1665590312022-5c64470f-6054-465d-8153-9428ad13ba7a-image.png]
  • 1 Votes
    6 Posts
    2k Views
    K
    I contacted Netgate support and got the install image, reinstalled the firmware and for now everything looks fine. Thank you very much for your help and advice on using the program and equipment.
  • 0 Votes
    2 Posts
    643 Views
    D
    Turns out I need to "sudo" with my dedicated user for the command to work. Like this sudo easyrule block lan 192.168.1.21
  • Traffic Shaping on SG-5100

    Traffic Shaping sg-5100
    5
    0 Votes
    5 Posts
    1k Views
    S
    @rj said in Traffic Shaping on SG-5100: Couldn't all the traffic shaping be done on the WAN interface since that is where the real bottleneck is Shaping happens when packets leave an interface. (https://docs.netgate.com/pfsense/en/latest/trafficshaper/index.html#traffic-shaping-basics)
  • 0 Votes
    13 Posts
    2k Views
    stephenw10S
    You can recover the config from the pfSense install image as long as the partition is not completely destroyed, it gives you option before you install: https://docs.netgate.com/pfsense/en/latest/backup/restore-during-install.html#recover-config-xml-from-existing-installation Worst case you can cat the recovered config to the console from there and copy it out into a file. Steve
  • 0 Votes
    8 Posts
    2k Views
    jimpJ
    The OpenVPN option text should probably be renamed. The engine command in OpenVPN isn't required. When it's unset then it automatically selects a device which supports accelerating whatever cipher it's trying to use. When it's set to a specific engine, it's supposed to prefer that engine but I don't believe it's restricted to only using that engine. Since most things only have 0-1 available usable engine types, that's not so easy to test. So really the No Hardware Crypto Acceleration line should be Use any available cryptographic hardware device or something along those lines.
  • SG-5100 factory BIOS recover?

    Official Netgate® Hardware sg-5100
    4
    0 Votes
    4 Posts
    1k Views
    jdbaloghJ
    File System Check (fsck) fixed the issue. We hand-edited the .XML and it imported and updated perfectly. Now backed-up and happy customer. Thanks for your help!