Farewell
« on: July 28, 2016, 07:36:36 pm »
It was around 12 years ago at this time that Scott Ullrich and I got started on pfSense, known as "projectx" until November 2004. Prior to that, Scott and I were working on his commercial firewall product, Moatware. In 2003-2004, I started working on m0n0wall as well. When Moatware closed up shop, we decided to start an open source project and see what happened. If it were successful, we could build a business around it. Initially, I wasn't sure what to expect. 

With the initial help of many volunteers, and later employees and many more community volunteers, we've been able to build something great. The Google Trends line tells the story.

We've taken over the open source firewall distro world. No one else even comes close.

Though we've announced that I'm leaving, I've not said where I'm going. I've accepted an offer to join Ubiquiti Networks to lead a proprietary software product, unrelated to pfSense. Today is my last day of work here. Out of respect for what site we're on, let's not discuss that here. I'll be starting at Ubiquiti on August 8, so we can discuss Ubiquiti on their forum if you're interested. To address the concern a number of you communicated privately, I was lured away, not driven out.

From now on, I'm reachable at I'll be back here on the forum from time to time.

It's been an incredible experience to work with and meet so many of you. I've made friends and contacts all around the world that will carry on long into the future. My thanks to everyone who has contributed in any way over the past 12 years.

Moving Forward
« on: July 28, 2016, 06:30:50 pm »
Proud of ya cmb, but gosh darn it if I won't miss ya. Hope to see you around town.

Thanks! Likewise.

OpenVPN periodically disconnecting? Why? How to fix?
« on: July 28, 2016, 03:58:56 pm »
There isn't, but there is also no point in tuning it. It's a symptom of the root connectivity problem, not the source of any problems. Nothing you change will fix connectivity issues.

OpenVPN periodically disconnecting? Why? How to fix?
« on: July 28, 2016, 11:50:43 am »
That PIA thread is full of misguided info. I wouldn't recommend anything there.

The ping-restart happens because you get no traffic at all from the remote endpoint for 60 seconds. That's what drops the calls, not the VPN reconnecting after that minute has passed. It doesn't immediately reconnect every time either, there are gaps of several seconds at times where it's trying before succeeding (likely after connectivity between the sites comes back).

Routing between Subnets
« on: July 28, 2016, 12:49:39 am »
Sounds like you need to check "Bypass firewall rules for traffic on the same interface" under System>Adv, Firewall/NAT.

That's the issue here.

To work around it, run:

Code: [Select]
tar xv -C / -f /usr/local/share/pfSense/base.txz ./usr/bin/install

Squid installation Fail after latest update
« on: July 27, 2016, 10:53:39 pm »
Upgrade 2.3.1 to 2.3.2 fails
« on: July 27, 2016, 09:26:27 pm »
My unit tells me that a upgrade is available and when i start the process i get this

>>> Updating repositories metadata...
Updating pfSense-core repository catalogue...
pkg: No address record

Bug that's fixed in 2.3.2, but you'll need to bind your DNS Resolver or Forwarder to localhost first to get to 2.3.2. Do that, and upgrade again and it'll be fine.

VIPs and 1:1 NAT definitely all work fine. Packet capture, see if the traffic is coming into your WAN at all. I'm guessing it's not, and you're not seeing any ARP requests on those IPs, likely because of upstream ARP cache on your ISP's router.

Not full speed on Intel NIC
« on: July 27, 2016, 09:01:10 pm »
Getting 100 Mb on a gigabit port where both ends are correctly set to autonegotiate is essentially always a cabling issue. Either using CAT5 rather than 5e or 6, or a bad cable.

Effects of packetloss on the system.
« on: July 27, 2016, 08:46:52 pm »
That's basically idle. Any loss is likely attributable to a problem on your Internet connection. The processes you see coming and going are from updaterrd's stats gathering.

WAN dhcp (dhclient) going to wrong IP
« on: July 27, 2016, 06:39:04 pm »
Nothing you can do.

Downloading new 2.3.2 ISO image -> 5 KB/s???
« on: July 27, 2016, 06:28:15 pm »
There was a problem earlier, fixed this morning.

