the setup was on an apu4d4 = 4 i211AT LAN / AMD GX-412TC CPU / 4 GB DRAM / dual SIM by pc engines

https://www.pcengines.ch/apu4d4.htm

y google dns? i recommend you try 1.1.1.1 with 1.0.0.1 for cloudflare. You can then configure dot (dns over tls) and cloudflare claims no logging policy. this is better than what google promises.

That said cloudflare vpn policy is rather worrisome

oo what chasis you put it in

This post has been edited by Moogle Stiltzkin: Jul 25 2020, 03:13 AM

I would like try pfsense also.... Now on MikroTik.. Is it true pfsense way more better than mikrotik

i used microtik long time ago. seemed alrite.

what i like about pfsense though it's solid. got packages and u can update. also they will patch any security flaws, so again, just update.

for packages, if u want, you can opt for suricata and pfblocker. i only use pfblocker because suricata is a bit annoying to manage, also i don't host anything from my network, so no ports open, so less needed.

if u bought something like an asus etc, the firmware updates usually only a couple of years before it eol then they ask u to buy a new router model. with pfsense, u don't have such a downside

that said, asus does get some third party support like rt merlin, who does regularly releases security patches regularly. but that said, even he has a EOL, at which point u have to update to a newer model at some point.

also for pfsense u don't necessarily have to go qotom. but price wise, it seems to be one of the better options for a compact pfsense box, also it has no cooling issues. my old asus ac68u had a major cooling issue..... this is why i don't want to bother with those kinds of routers again tbf, maybe newer asus models don't have this issue

This post has been edited by Moogle Stiltzkin: Jan 21 2021, 10:42 AM

Anyone upgraded to pfsense 2.5 from 2.4.5? Any issues?

I used pfsense 2.45 previously (last year starting MCO to be exact). It's good however due I'm using thin client PC and using realtek chip for ethernet i just can get roughly 250~300 Mbps. with special kmod installed i can get it stable without any disconnected network.

However, i change the setup using OpenWRT this year and it's awesome. No problem to achieve 800Mbps (yes I'm on 800 unifi packages) with same hardware. With cake SQM now bufferbloat rating (dslreports) giving A for rating.

Upgraded to 2.5. much more improvement on tcp. Running on esxi vm n passthrough dual nic. Before, my other vm will get 400-500mbps. After upgrading other vm can get 700-800mbps in speedtest

i upgraded pfsense, no issues.

obviously keep backups BEFORE updating.

Also DO NOT update package UNTIL after you first update your pfsense first.

You can update pfsense and packages from UI, but in terms of reliable updates, using the command line for pfsense is a more surer way to perform the updates

Hi..
i just have unifi 100m few week ago, i use pfsense connect to ONU (Fiberhome HG6240A) via PPPOE, internet is fine, but i have some problem with IPv6 .
when i boot up pfsense, it get a IP from TM and the DHCP6 also working, but after days ( i not sure how long .. seem over 24 hours) the DHCP6 will go "offline" , just now i found out the DHCP6 is offline , so i restart the ONU and pfsense , but this time it won't work (before this i also have this problem but fix it after i restart the ONU and pfsense), i get a new IP address from TM , but DHCP6 still offline ...
i am not very good at networking.
any pfsense sifu can help ?

this is my setting:
WAN:

LAN:


this is the status:



this is my DNS setting:



and this is the Log with the error:



is my setting correct?

thanks.

hm... i did not configure the ipv6 portion for pfsense. because last i heard ipv6 is not quite good for vpn for most part due to leaks. ip4 just works (for now), so i did not have the need to setup ipv6 just yet.

do you actually need ipv6 running? your internet should be fine without it.


https://www.networkworld.com/article/344520...n-breakout.html

https://www.vpnuniversity.com/learn/should-...pn-support-ipv6

https://www.itproportal.com/features/ipv6-y...er-supports-it/

https://www.expressvpn.com/blog/disable-ipv...vpn-protection/



i see that you are using google dns. thats fine, but i think the cloudflare dns is better in the sense they claim no log policy, so they periodically wipe dns history. google makes no such policy whatsoever.

https://www.techradar.com/sg/reviews/cloudflare-dns


DNS Over TLS On pfSense 2.4.5
https://www.youtube.com/watch?v=5mygS-TiT9c




This post has been edited by Moogle Stiltzkin: Mar 24 2021, 03:41 PM

Personally I prefer Quad9 DNS, they're (soon) Switzerland based, similar policy to Cloudflare but they block malware domains.
There's also a unfiltered one should you choose to use that.

Also, they have a Malaysia server, which is pretty nice

tbh i did not yet try quad, but privacy (best as possible at least ) and performance is important to me. right now i use pfblocker own dns with cloudflare as backup. according to the tests these offer the best result to me

https://www.grc.com/dns/benchmark.htm
https://www.grc.com/dns/dns.htm
https://www.cloudflare.com/ssl/encrypted-sni/#dns-info
https://ipleak.net/


https://www.youtube.com/watch?v=xizAeAqYde4
https://www.youtube.com/watch?v=5mygS-TiT9c

This post has been edited by Moogle Stiltzkin: Mar 24 2021, 08:32 PM

Anybody here running pfSense 2.5.0-RELEASE with working pfBlockerNG ? Cannot seems to make it work. Installed with default wizard config many times also still not working. My current setup is Huawei B525 4G Router (DMZ for WAN to pfSense) to my barebone pfSense box. Internet is from DiGi.

pfblocker works on latest
https://www.youtube.com/watch?v=xizAeAqYde4

have you try OPNsense On unifi