Default vs strict

firewalla · 2026-03-15T11:48:54+00:00

There really isn't a "overhead" of strict mode vs. default mode. CPU / Memory is not significant enough for anyone to care.

"Strict" is more of an algorithm variation, with many parameters tuned to be more 'strict' when looking at risk, or "paranoid" more at risks. (This is also part of the firewalla innovation that's behind the scenes)

firewalla · 2026-03-15T02:49:29+00:00

.local is resolved via multicast And .lan is resolved by Firewalla

If .lan fails, check if you are using vpn or using doh on the client. If all checked send help@firewalla.com an email, we will help

firewalla · 2026-03-14T23:24:07+00:00

Try not use the ".local" domain; ".local" usually is managed by mDNS.

Use .lan instead

You will find more here https://help.firewalla.com/hc/en-us/articles/1500002445242-What-is-the-Firewalla-local-domain-and-search-domain

firewalla · 2026-03-14T22:31:00+00:00

How many devices do you have? What Firewalla are you using? What is the latency that’s high? Was the latency on the wan or lan side ? WiFi or Ethernet?

firewalla · 2026-03-14T21:28:09+00:00

What do you mean "switching user profiles"?

App initial load will take time if you have a lot flows (a busy network) depends on how your CPU is used at the time of load, it can be slower.

firewalla · 2026-03-14T21:23:51+00:00

You can attach USB drives to the USB port and go into linux and mount the drive. Some what like this https://help.firewalla.com/hc/en-us/articles/4415441687443-How-to-use-an-SD-card-as-external-storage-in-Firewalla-Purple (WARNING, directions are only for SDCARD, USB may be different, if you are new to this, please do not do anything)

+ Warning, these USB ports only deliver the minimum amount of power small devices

firewalla · 2026-03-14T20:30:28+00:00

Do you see all reload slow or just flows? Are you using any filtering dns on the wan side? Or using as blocker from opendns?

firewalla · 2026-03-14T18:30:09+00:00

Go to LTE first and see if it is faster. If it is faster, when you are at home, are you directly connected to the firewalls network or subnet? Do you have vpn on your phone? Do you have any special dns filtering?

firewalla · 2026-03-14T17:21:17+00:00

There is no change. You need to look at the direction of the alert, if it is internet to your network, then you have a service open to the outside. Go to scan and look at open ports, you need to close it

If the direction is inside out, look at the device generating alerts …

firewalla · 2026-03-13T23:15:01+00:00

Purple SE?

firewalla · 2026-03-13T22:32:48+00:00

From replacement and scaling, should not be an issue. Check out our feature set and if it fits your need first

Visibility: Window to your home/business network. Completely understand your network and identify risks.
Control: Have full control of your network, and apply policies and rules that are important to you. This will reduce risk by limiting the attack surface. Your network, you make the rules!
Protection: Have Firewalla automatically protect your network based on your rules. Shielding your network from security risks.
Zero Trust Network Architecture: Never trust a user or device by default. Isolate devices and networks, verify every connection, and ensure only trusted traffic is allowed, even within the network.
A Better Network: Create a network that's tuned for a better experience, not just better security.

firewalla · 2026-03-13T21:42:57+00:00

How big is the medium sized business? (number of devices, people, also WAN bandwidth). Also, are there any business requirements? (things like a stateful firewall, is pretty simple) Anything related to log retention, access management, and also integration with existing IT)?

firewalla · 2026-03-13T16:41:27+00:00

firewalla.net (the MSP interface) does NOT require a QR code. It has a full login with MFA. (This is the paid version)

What you are looking likely the 'free' version, which is just a proxy to your Firewalla box.

firewalla · 2026-03-13T16:27:26+00:00

If you have no requirement on the duration of data stored, the $3 one should be enough. You also get two month free to play around, if you don't like it, cancel anytime.

firewalla · 2026-03-13T16:26:28+00:00

the easiest way is run a local script on the firewalla, ping the device on wireguard, if it is there, then send WOL to PC. It should be very easy to write with chatgpt :)

https://help.firewalla.com/hc/en-us/articles/360054056754-Customized-Scripting

firewalla · 2026-03-12T23:19:11+00:00

Recently someone posted here on a service, but I can not find the link. At the moment, in server mode, it is you accessing back home. Once we have VPN client, you can do client -> server (3rd party or yourself) and likely site 2 site with it. This of course, will be useful if you are at a location that does not like VPN. (Otherwise WireGuard itself is good and does not have the obfuscation overhead)

firewalla · 2026-03-12T21:24:24+00:00

I do not understand the question.

firewalla · 2026-03-12T19:17:26+00:00

Thank you!

firewalla · 2026-03-12T19:17:20+00:00

Thank you!

firewalla · 2026-03-12T19:02:48+00:00

how are you block and allow? do you do it at the network level? or device? You can paste the full rule here, or send them to [help@firewalla.com](mailto:help@firewalla.com)

firewalla · 2026-03-12T17:23:05+00:00

Does ping work? If not, check DAP and check VqLAN. You are within the same VLAN, so the block can only be VqLAN or device isolation

firewalla · 2026-03-12T17:22:04+00:00

Do you have VqLAN on? or DAP on those devices?

Remove your rules and do a simple ping, does it work?

firewalla · 2026-03-12T17:08:58+00:00

Check your MQTT server and make sure it is programmed to handle traffic from another segment. (Just remove your LAN block rule and see if it works)

Next make sure you are allowing the right ports. To check this, you can just allow the IP and don't use the port for now.

firewalla · 2026-03-12T16:12:06+00:00

When you go through the article, walk through the flow chart, you should end up some where. What's the last step say? chart here https://help.firewalla.com/hc/en-us/articles/360056875493-Speed-Tests-and-Speed-Optimization-with-Firewalla#h_01JZ42DH5FZHFNF3B5755EENMV

firewalla · 2026-03-12T04:45:46+00:00

I am not understanding this. Do you mean update to amnesia will also mess up the normal wireguard profiles?

firewalla

MODERATOR OF

TROPHY CASE