pfSense Gold Subscription

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - Gil

Pages: [1] 2
General Discussion / Platform Pie Chart - Poll
« on: January 10, 2018, 07:40:21 pm »
Wondering what is percentage of users are on each variety of paltforms?

a) Netgate appliances
b) Old hardware
c) Purpose built Hardware
d) Virtual
e) Other SBC
f) Other

General Questions / Backups without certificates
« on: January 02, 2018, 04:55:13 pm »
Is it possible to create backups without the certificates included.
Thinking about sharing configs with a work colleague, and keeping security.

The obvious thing to do seems to be to manually edit the xml file.


Official pfSense Hardware / Purchasing Support
« on: December 15, 2017, 06:11:51 am »
I like to think I am paying my dues to a fantastic system.
But paying double for a single fail_over solution because it has two Netgate ID's is a bit rich.
I bought a SG-4860-2000-PF to provide a High Availability fail-over and supported Netgate by purchasing their hardware.
At the end of the day, it is a single end server, sold as such - but requires 2 subscriptions to enable support?
Perhaps each unit can be separated and re-purposed, is that the issue?

Hardware / Modem Reset
« on: December 12, 2017, 03:14:30 am »
Has anyone developed a power reset switch to automatically reset a 4G modem (or ADSL) on ping fail?
My thoughts are to have a pfSense router (eg: SG-1000 or APU) which runs a Cron Ping and latching power switch on the ISP Modem supply.
I have had a situation where the 4G Modem froze and so did it's internal Ping reset facility. The APU router was happily doing what it could - but of course I could't contact it (remotely)


Firewalling / NAT through to Webdav FreeNAS
« on: December 10, 2017, 03:47:34 pm »
I have an IoT device that can only deliver secure files via Webdav.
I intend on setting up a FreeNAS Box with Webdav shares and I am curious as to the most secure way to push through my pfSense Firewall to the FreeNAS.
Is it advisable to push a NAT on a single port and enable Webdav directly through?


OpenVPN / OpenVPN Logs & Verbosity
« on: December 06, 2017, 05:37:36 pm »
I have set verbosity at 3 (recommended), but have the OpenVPN Logs filled with:

Dec 7 10:18:12   openvpn   8767   MANAGEMENT: Client disconnected
Dec 7 10:18:12   openvpn   8767   MANAGEMENT: CMD 'status 2'
Dec 7 10:18:12   openvpn   8767   MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock

which is unhelpful when fault finding through the last 50 logs.

Is there a way to omit  this without setting verbosity to 1?

Installation and Upgrades / SG-1000 fail after 2.4.2 upgrade
« on: December 05, 2017, 03:42:52 pm »
I have an SG-1000 that has failed after 2.4.2 upgrade.

I have tried to reflash it with the recovery drive via the OTG port, but I don't get the option prompt at the console.
The console shows attempts to rebuild, and stops at:
"ERROR: Impossible to mount filesystem, use interactive shell to attempt to recover it"

The only option I get is to hit any key to stop autoboot

I can issue basic commands such as reboot.

Any ideas?

webGUI / Typo error
« on: November 28, 2017, 07:42:14 pm »
Little Typo error in 2.4.2 OpenVPN Server DH Parameter Length - More info message:

"new or stronger paramater sets."

OpenVPN / Routed Error: - impossibly lacks ifp
« on: November 23, 2017, 06:47:19 am »
I have several OpenVPN services on my server.
The latest one I am attemping to configure will not route to the client correctly.

I have a Peer2Peer Tunnel (tun tcp) Network between my server ( and client (

I can route from the client to the server (to, but I can NOT route from the server to client (
However; I can get to the client from the server on - which is the address allocated in the "CSC" Client Specific Overrides.

The route is not being added correctly even though it is in the OpenVPN server "Custom Options" - as follows:
When I add this route; the assigned OpenVPN Gateway goes offline.

The System Logs / System / Routing show the following:

routed   89460   static route (mask 0xffffff00) --> impossibly lacks ifp

Firewall rules are: Everything open under LAN, and everything open under OpenVPN .

Official pfSense Hardware / SG-1000 <--> SG-3100 ..... Gap
« on: November 11, 2017, 06:09:03 am »
Are there any plans for a 3 or 4 port device more akin to the APU devices.
I want to replace multiple APU routers for the future 2.5 roll out.
I have specific size restrictions and the SG-3100 is to large.

Should I look at Protectli 4 Port E3845 devices? (or similar)
Would like to buy Netgate and support the project.

webGUI / Traffic Graphs
« on: November 06, 2017, 10:56:31 pm »
Error: SyntaxError: Unexpected token < in JSON at position 0

I get this error after a few minutes (V2.4.1)

OpenVPN / Cipher Status
« on: November 05, 2017, 04:26:23 pm »
Is there a means of displaying the cipher in the OpenVPN Client Status?
Nice to see what has been negotiated through NCP, if possible.

OpenVPN / Error when attempting to kill OpenVPN client connection
« on: November 05, 2017, 01:37:49 am »
I get an error:

An error occurred. (-1)

Occurs when I attempt to kill an OpenVPN client connection on the server. (2.4.1)

It happens on the Dashboard and the OpenVPN Status Pages

Anyone else see this?

Hardware / OTG 4G Huawei E8372
« on: October 30, 2017, 09:15:29 pm »
I have a 4G Huawei E8372 USB Device which is reported as being OTG compatible.
I cannot bring up an interface to recognise it (PPP or otherwise).
Is there a forum or docs for OTG devices?

webGUI / Kill OVPN client connection
« on: October 30, 2017, 06:43:35 am »
I get an error:

An error occurred. (-1)

when I attempt to kill an OpenVPN client connection on my APU server box status screen.
This never used to happen prior to 2.4.0 upgrade.

Pages: [1] 2