Can you not disable wifi ?
If not , just hide the ssid and give a very complicated password
Yah no way to disable Wifi… and yup i’ve put a complicated password.
Thanks to everyone for their help!!
Update: no issues with pfsense after taking starlink out of bypass mode.
Since, Starlink uses CGNAT - would it make a difference if I uncheck “Block private networks and loopback addresses”, when in bypass mode?
Also does turning of “Block private networks and loopback addresses” on a CGNAT network have any security issues?
As PFSense wan port has a RFC1918 network address, you have to uncheck ‘Block private networks and loopback addresses’ else you will not have any internet
As you are double natting, and starlink is cgnat no security issues
I see… thank you for the information, i’ll try that and hopefully things continue to stay stable.
Actually not entirely true. If the traffic originates from the internet packets don’t have a private address, internet traffic will pass if you block the private addresses. If traffic originates from the private addresses then you want that traffic blocked.
I was double natted for years with a 192.168.x.x WAN address and had no issues with the private address blocked by Pfsense.
Thank you for that information. From what i can tell Starlink uses CGNAT which uses private IP addresses.
For science, I put Starlink back into bypass mode, and unchecked “Block private networks and loopback addresses”, and no issues - even when the Starlink connection goes down.
I’m not sure if Starlink changed something or if this needed to be unchecked.
That is correct. If you are using this as a double NAT you have to uncheck that option as @Paul mentioned.
That is interesting… when Starlink was not in bypass mode, i was getting a 192.168.1.x IP from the router, and the Starlink wifi was active and i had “Block private networks and loopback addresses” checked and was still able to get Internet.
Am i missing something here?
Thank you
I wanted to provide an update for anyone having a similar type of issue. It looks like my default boot environment was corrupt.
I found this out, because issues started in other parts of pfsense, and continued issue where all devices would lose their IPs, and pfsense web interface became unavailable.
The Fix was to boot from a previous boot environment - that stabilized everything and made it the default.
For science, i did try to load the problematic boot environment and I started getting the same issues - so then reverted back to a previous boot environment.
Thanks everyone for your help in trying to troubleshoot this issue.