r/PFSENSE

Windows file sharing across different subnets/interfaces

Is there any way to configure a rule so I can access files on my wife's notebook from my PC where both machines are on different subnets/interfaces? My PC is on a subnet on "LAN" interface and the notebook is on a different subnet that's on "WIFI" virtual interface.
I just want to be able to open the disk on the notebook from Windows File explorer by entering \\notebookname\d$, but I cannot figure out what kind of rule do I need.

reddit.com
u/Sentimental_Oyster — 21 hours ago
▲ 3 r/PFSENSE+1 crossposts

Trying to set up NordVpn on OpenVpn, it refuses connection.

Hi everyone,

I have pfsense 2.8 and I’m trying to set up a VPN on my router with NordVPN. Their instructions say 2.5. but I’m not sure if that matters or not.
I am trying to use server us8567 and the port in the ovpn file says port 53 while the official instructions say 1194. I have tried both in the client.

https://support.nordvpn.com/hc/en-us/articles/20285211284497-pfSense-setup-with-NordVPN

My client will run it just keeps saying “Waiting for response from peer”.

My only other thing is I have pfblockerng in use on the router for ad blocking and a separate open VPN to allow my phone to connect to my network remotely. I am hoping these two things are not interfering with something . (They shouldn’t honestly but who knows)

I don’t know what to do, is it the Dns settings? In General DNS Server settings I have 4 servers, two nordvpn provides and 2 for my ad blocking. Would that be a problem?

Sorry if it’s a bit rambling, I’ve been going in circles on this and it’s a little frustrating to follow the instructions exactly and not have it work. If you need more details on what else I tried let me know.

reddit.com
u/rosiea184 — 4 days ago

Comcast Business Static IP (/28) Issue & Sanity Check

Hello everyone :-) I am having an issue, and I am hoping someone can help me. We have Comcast Business as our ISP and we have a /28 static IP block from them.

Usable range: xx.xx.xx.209 - xx.xx.xx.221
Gateway: xx.xx.xx.222
Subnet Mask: 255.255.255.240

The issue is, if I go to Assignments->WAN, make the following changes:

IPv4 Configuration Type: Static IPv4
IPv6 Configuration Type: None
IPv4 Address: xx.xx.xx.209/28
Upstream Gateway: xx.xx.xx.222

This fails to work. I have to change the IPv4 address field to xx.xx.xx.210/28 in order for everything to work.

Unless I am missing something, isn't xx.xx.xx.209/28 supposed to work if I put it in the IPv4 Address field? That is the first usable IP that Comcast gave me and from what I understand, you configure pfSense to use the first usable IP that Comcast gives you. Then for the rest of the Static IPs, you create Virtual IPs (with IP Alias) type.

Is this not correct? Any help here would be appreciated!

P.S. Not sure if this has anything to do with it, but in the Virtual IP section, there is an entry for xx.xx.xx.209/32 (IP Alias) and xx.xx.xx.210/32 (Proxy ARP). I don't believe this has anything to do with it, but, I thought I would mention it just in case it does.

reddit.com
u/Davidi01 — 4 days ago
▲ 3 r/PFSENSE+1 crossposts

[FS][US-FL] UniFi Gear, Netgate 1100, Netgate 6100, USW-Lite-8-POE, USW-Pro-24, OWC 32GB ECC SO-DIMM, Synology DS1522+

Everything is fully functional and no issues. The only minor cosmetic issue is the scratch on the under side of the Pro-24 switch, shown in pictures. Did some upgrading and migrating, from Synology to Unifi NAS. Synology NAS was bought back in late 2023. I have all the original boxes for shipping, minus the Pro 24, but I do have a box from the switch that replaced it. Shipping is extra, within CONUS only. In Sarasota area. Serious inquiries only please.

Synology DiskStation DS1522+ 5-bay Diskless Desktop NAS 8GB ECC
$600

OWC 32GB (2X16GB) DDR4 RAM 2666MHz PC4-21300 CL19 ECC Unbuffered SODIMM
$200

USW-Lite-8-POE (52W)
$75

USW-Pro-24
$300

Netgate 1100
$125

Netgate 6100
$500

https://imgur.com/a/mmQXUcJ

u/Puzzleheaded_Ad3258 — 5 days ago

Configuration Assistance for odd (to me) multiple connection situation

Hello.

I have an unusual (to me) configuration I'm trying to configure on a NetGate SG-3100 running pfSense 23.09.1 and I'm looking for advice or help with configuration. I shut down a business that was in an office having several satellites with a Cisco based VPN network and for compliance reasons must maintain something similar to that network with the old servers in my home. Now, I'm working to exit cloud services personally with self hosting (think Immich and NextCloud)

I have two connections to my ISP at my home. One is for residential use and I cannot obtain a fixed IP address on this connection. The second is a commercial account and I have three fixed public IP addresses. The residential network is configured as 172.16.1.x and is totally separate from the NetGate router. The public IP addresses on the other are 66.x.x.68/25. The Netgate router is .68, an email server is .69, and a planned NAS is .70.

For fast implementation when my office closed, the mail server at 66.x.x.69 was setup on a switch in front of the router. Dumb, but had no choice. Now, I'd like to get everything behind the NetGate. I don't need any NAT on the NetGate. The only devices will be the mail server and the NAS. No clients/workstations/PCs.

I can create a small VLAN (say 192.168.15.x) on the router and on the NAS using a second ethernet port on the NAS. I plan to use Nginix to route traffic based on subdomains I've created on the 66.x.x.70 address.

I want the email server to keep a public address (66.x.x.69) in its network configuration. I've no desire to reconfigure.

I want the NAS to be port forwarded on 80 and 443 to the internal (192.168.15.x) address so Nginix can route to the appropriate ports based on the subdomains.

Security is not part of this question. Just router configuration.

How do I do this on pfSense? I cannot get past the bridging for the mail server. I get errors like "IP Address 66.x.x.69 is being used by or overlaps with WAN (66.x.x.68/25) and "A valid IPv4 gateway must be specified" when I have entered the IP address of the ISP upstream gateway.

reddit.com
u/drryan3 — 4 days ago

Realtek on 2.8.1?

Do I still need to manually install Realtek drivers in 2026 for them to work? Are there extra settings for Realteks to be stable?

reddit.com
u/whotheff — 6 days ago

pfSense initial setup with one NIC and managed switch

I'm going to be setting up pfsense soon and I'm wondering how would I go about setting it up upon initial boot?

I have one NIC and a managed switch.

I am new to pfsense. So what would be my options?

One option that I was thinking was to connect my PC to the switch before initial boot Pfsense would find the one nic, but what do I do with the switch? Do I setup vlan tagging in that case?

reddit.com
u/ImpressiveYoghurt973 — 6 days ago

Connectivity issues as a new PFSense user

Hello, i'm very new to PFSense, i just installed it on Oracle's VM following a book that's from 2021 so some of the things don't line up. I'm having problem setting up my WAN and i don't know what to do anymore, treat me like a five year old when explaining some things. Thanks

reddit.com
u/Puzzleheaded_Run4605 — 6 days ago

Looking to DIY - looking for 2.5Gig Intel NIC

After hitting barriers with my ISP and it's hardware, I'm finally dabbling in the DIY router space. I hear with pfsense the wisdom that Intel NICs are the gold standard. So I'm wondering how much that key part will sting me, and if there are pitfalls.

The use case is very simple for now, just to be an basic router for a UK openreach 500/75 connection, but with room to not need replacement for if i go over a gigabit later. My current wired devices are all gigabit, so would want whatever i built or buy to be better than that. I'm not properly homelabbing yet, but thats is the goal once i get a place with a more optimal layout for it. So the goal is to see if i can build something to a £200 budget (for base PC, NIC, switch and AP) with either pfsense or another DIY router OS with parts that will be robust enough to last, or if i might as well choose a reasonably priced Asus/Tplink/GL.inet all in one for now, and wait to do DIY til the homelab is ready.

So does anyone here have a decent recommendation for a 2 port or more, preferably 2.5Gig Intel NIC for use with pfsense?

Does it matter if the board has the different manufacturer as long as the chipset is Intel? Anything i should be aware of when sourcing something to slot it into? (looking at the classic 2nd hand small form factor route)

I found there so far, so would like to hear if any are good, or there are better/cheaper/more reliable ones out there

2x2.5gig using Intel I226-V

XikeStor https://amzn.eu/d/0hVOB8tP

Ulansen https://amzn.eu/d/080jgSvr

IFutNiew https://amzn.eu/d/03j2lsLP

2x10gig using X550-T2

Intel https://www.scan.co.uk/products/2-port-intel-x550-t2-ethernet-converged-10-gigabit-pci-e-network-adapter-oem

u/ForceGaia — 9 days ago

Occasional reboots since upgrading to 2.8 (kernel page fault)

Hello, I've been having this issue since upgrading from 2.7. These are virualized firewalls. It's only whichever firewall is the CARP master that has the issue. I've followed the Netgate docs and searched around both Netgate and FreeBSD forums. Reboots are unpredictable, ranging from every day to every few weeks. Anyone have any ideas?

Details: Two VMware VMs setup in HA, 4 AMD EPYC CPUs, 8GB RAM, SCSI controller is LSI Logic SAS, NICs are VMXNET 3, Version 2.8.1-RELEASE (amd64).

Relevant portion of dmesg:

kernel trap 12 with interrupts disabled

Fatal trap 12: page fault while in kernel mode

cpuid = 0; apic id = 00

fault virtual address = 0xfffffe008e5ff008

fault code = supervisor read data, page not present

instruction pointer = 0x20:0xffffffff80b067cf

stack pointer = 0x28:0xfffffe008d620ba0

frame pointer = 0x28:0xfffffe008d620ba0

code segment = base 0x0, limit 0xfffff, type 0x1b

= DPL 0, pres 1, long 1, def32 0, gran 1

processor eflags = resume, IOPL = 0

current process = 11 (idle: cpu0)

rdi: fffff80004a82800 rsi: 0000000000000000 rdx: 0000000000000000

rcx: 0000000000000000 r8: 0000000000002000 r9: 0000000000000000

rax: fffffe008e5fd000 rbx: fffff80004a87800 rbp: fffffe008d620ba0

r10: fffffe008d620e88 r11: 0000000000000001 r12: 0000000000000000

r13: fffffe0084004000 r14: 0000000000000000 r15: 0000000000000000

trap number = 12

panic: page fault

cpuid = 0

time = 1782656446

KDB: enter: panic

Looking at the redmine roadmap for 2.9, I see a couple kernel panic bugs listed, but nothing relevant to me. I'm not using Suricata on these, and there shouldn't be any Wi-Fi hardware (virtualized).

reddit.com
u/VanDownByTheRiverr — 8 days ago
▲ 10 r/PFSENSE

unstable connection pfSense GW

I installed a pfSense firewall at a remote office. The connection is incredibly unstable. We can ping the gateway through OpenVPN and get 50% to 80% packet loss.

I am able to log in to pfSense remotely for about 10 - 20 seconds at a time, then have to wait a few minutes or longer to try again.

pfSense is running on Netgate’s 4200. It is installed in the place of a TPlink gateway that did not have any connection issues.

It seems like there is a configuration issue, possibly with the interface or gateway settings.

u/KarstInvader — 9 days ago
▲ 10 r/PFSENSE

pfSense Newbie/pfBlockerNG-devel.

Everytime i try to integrate this into my settings, half my stuff goes down, even after deleting package, still same. im trying to block ads on vlan99-IoT. Im completely lost on what to do setting it up. youtube vids havent been very helpful and trying to find in pfsense manual, doesnt exist? Is anyone willing to help?

reddit.com
u/Ancient_Cup_8442 — 10 days ago

Need a way to reinstall an older version of pfSense on a netgate appliance

I've been tasked with finding a way to get pfSense-CE-2.4.5-RELEASE-p1-amd64 installed on an older netgate appliance (model XG-7100-1U). I found the .iso in the Internet Archive but it's not a bootable image so I can't install it with a thumb drive made with etcher. Also, I don't know how reliable this image is.

Because my company has been relying on the load balancer in pfSense-CE-2.4.5-RELEASE-p1-amd64 (that has since been removed and replaced with HA Proxy) and is not ready to move to the HA Proxy replacement in current versions, we (I) need to find a way to get this older version installed. The current pfSense installer doesn't provide an option for using the 2.4.5 release.

We have another netgate appliance running this version; not sure if there's a way to do something with that.

Any thoughts other than, "It's way past time to upgrade"?

UPDATE: netgate support was able to help me out. They also included the following:

"I stress that is exceptionally important that you move off 2.4.5p1 as soon as you're able.  In the future, if you need firmware or need to replace this device, we will not be providing images for 2.4.5p1 and you will not be able to run the older firmware, as all of our new devices don't support 2.4.5p1.  This release is 6 years old and has been end-of-support for half a decade.  Running it is a significant security and operational risk."

reddit.com
u/kleefaj — 13 days ago

Best way for Multiple Wireguard ProtonVPN (Free) Configs

I have access to a couple of proton free accounts. I would like to route certain parts of my lan\networks out through either proton vpn connections in pfsense.

I ran into a problem, I think that proton uses the same ip address for each of these configs, and so using the wireguard plugin, I can only successfully configure 1 vpn connection from proton at a time. I use the gateway firewall rule option to route lan outbound traffic to the vpn interface, so that part I can understand.

Can someone give simple instructions on how to best configure multiple wireguard proton vpn connections in pfsense? Such that LAN1 can have an outbound rule pointed to > proton1, and LAN2 > proton2

I came across some old threads on how to do this with NAT, but its a bit too complicated for me. Wondering is someone can dumb it down to my level

reddit.com
u/SadHome8062 — 11 days ago

WAN (PPPoE) Internet connection drops following IP changes

Hi All,

I have noticed, that when the ISP changes their public IP, my internet drops and the only way to get back online is to restart pfsense.

My setup.
Proxmox running on a Dell Wyse 5070, with a 2.5G Nic given direct access to the pfsense.

I could tell the internet is down, when I login to the dashboard page, and WAN ip is empty

I then restart pfsense to get a new IP address. Sometimes this works, and sometimes I have to restart the proxmox host altogether

Has anyone else experienced this and possibly know how to fix it

At the moment, one cable goes from the NBN box to the dell wyse which is directly accessed by pfsense

Feel free to ask me any questions.

Thanks

reddit.com
u/Turbulent-Lab-7319 — 13 days ago
▲ 5 r/PFSENSE+1 crossposts

Brand new UGREEN NAS DXP 4800 GT unable to connect to network

I have a brand new UGREEN NAS DXP 4800 GT and it is unable to get an IP address on my network. I have 60+ other devices and I've never had this problem. I run my network behind a pfsense device. It worked once, and then it has failed ever since to get an IP address. It boots to the screen to us the mobile app to setup but its in Chinese, indicating it has no outbound connection to establish locality.

There is no DNS blocking, i have DHCP setting DNS as 1.1.1.1

One thing I did try was wiring it to my ISP modem directly and it immediately was able to get an IP address. I do not know why DHCP would not work from behind my pfSense device. I see no trace of it in my DHCP leases on my pfsense.

My setup is :

ARRIS BGW210-700 -> pfsense -> Unifi Switch -> UGREEN NAS DXP 4800 GT

All hard wired of course.

I've never had this problem with any other devices. I know the switch is good, it has 15 other devices working fine on it.

Is there any issue because the pfSense LAN is a 192.168.2.x network? Makes no sense, i know, just running out of ideas.

u/ryanhollister — 14 days ago