If you recently upgraded to pfSense 2.5, you may have received notifications about some CA/Certificate entries close to expiring. The exact message would be something like “The following CA/Certificate entries are expiring: Certificate Authority: Acmecert: O=Let’s Encrypt, CN=Let’s Encrypt Authority X3, C=US”. The fix is quite simple: just visit System >> Cert Manager >> CAs…
How to setup Proxmox Virtual Environment (PVE) community repository
Recently I discovered Proxmox and learned about its Community vs Enterprise versions. As I am just getting started with it, I don’t want to commit to a paid version, but who knows what happens when I finally get the hang of it. If you think like me, this post will describe how to configure Proxmox PVE package…
Install Let’s Encrypt SSL certificates on your Supermicro X10 from Synology on a schedule
Recently I added a Supermicro X10DRi-T4+ to my homelab, and a natural idea was to install a Let’s Encrypt SSL certificate and replace the original self-signed one. For that, I had to adapt a couple of Python scripts [1] [2] first published by Jari Turkia. None of them worked for Supermicro X10DRi-T4+, but it wasn’t…
Fix your BufferBloat and speed your Internet on your pfSense
As bufferbloat.net defines it, “Bufferbloat is the undesirable latency that comes from a router or other network equipment buffering too much data. It is a huge drag on Internet performance created, ironically, by previous attempts to make it work better. The one-sentence summary is “Bloated buffers lead to network-crippling latency spikes. The bad news is…
Routing Internet Traffic Through a Site-to-Site IPsec VPN on a specific Wi-fi over VLAN
Yeah, I know, I need to work on shorter titles 😀 By reading a previous post, you may have created an IPSec tunnel to connect your home and office (or something like that). That is useful on its own, but it can be the case that you also want all internet traffic to go…
Setup VLAN subnets on pfSense
This is another topic that I have referenced so many times that I decided to dedicate a post just for it and save some typing. The goal is to configure a VLAN subnet that has a DHCP server and basic firewall rules to allow any traffic on your pfSense. This VLAN will be created from the…
Creating a new WiFi (over VLAN) on Unifi Switches
This is a short tutorial on how to create a new WiFi network, which can be over VLAN or not, using Unifi Switches. The process is a bit different than UDM-Pro, so here we go: On your Unifi Controller Web UI, go to Settings >> Network and click on Create a new network and do…
How to configure IPSec Site-to-Site VPN tunnel on your pfSense using dynamic IPs and pre-shared keys in both ends
Many of us have more than one pfSense (maybe connecting our home and office, our home and our parents, etc.) which would benefit from a direct connection between them. In this post I will describe how to create a routed tunnel that connects both ends, in a way that Site A can directly access Site…
Creating RFC1918 alias for Firewall rules
From time to time, I need to reference the use of an IP alias called RFC1918 to separate local network traffic from other (aka “Internet”) traffic. RFC 1918 was published as “Address Allocation for Private Internets”, which is our local network. There is nobody on the Internet using any IP in the range described by…
Limiting bandwidth per Network Interface on your pfSense
In the pfSense documentation’s own words, “the basic idea of traffic shaping is raising and lowering the priorities of packets or keeping them under a certain speed. This concept seems simple, however, the number of ways in which this concept can be applied is vast.” pfSense supports “Traffic shaper” and “Limiter” (and they can be used…