Man, it took me two hours to watch this video! Every time you'd do something, I'd have to check it out on my end, which took me off on a couple of tangents each time. Keep up these great tutorials...
Tom, I never really comment, subscribe or like videos but your videos have taught a lot in a very intuitive way and because of that you're one of the few that I do follow. I've learned a lot from your videos ranging from pfSense to the NAS videos you've put out. I'm curious if you could do a video explaining and using TNSR software. As a company we've been considering moving to it, but we simply don't know enough about it yet. Thanks for all you do!
It's been about 10 years since I last played with NTOP, its comes an incredibly long way in that time, I'll definitely have to have another play with it.
You have a strange but very welcome talent for making videos in perfect time with my interest in things. I find cool thing I want to use or want to delve deeper in something and boom you post a video on said thing. I love it
Another great video by LS, thank you very much. I have noticed that there is an update to ntopng (v.4.2.0), but it seem it needs to be installed manually; is it possible for you to show us how to do that? Thanks again
How do you get rid of that super-annoying "A new ntopng stable version (v.4.2.0) is available for download: please upgrade" message that shows up on every page? I see it on mine, too--and I can click the "x" to close it, but it just immediately comes back the next time I click on _anything_ in the interface! I don't really want to mess around with upgrading it manually beyond what's in the plugin repository.
Tom, thanks for all the info you share with the community. You are the reason I started using pfsense. Anytime I lookup something pfsense related, your videos popup in google search. You've definitely earned me as a sub. Thank you for all the walkthrough videos and clear explainations.
I was just looking for a way to get an overview of my network traffic. Lo and behold a Tom Lawrence vid just appeared in my google search! Great vid, thanks!
@@aot2002 I'm referring to the version that uses redis. I install the latest stable builds as the pfsense version is always way behind. Takes about 5 mins.
Just installed this. Looks awesome so far. I getting the below alert. Should I flip it? =\ This interface is monitoring DHCP hosts. Please consider changing the Local Broadcast Domain Hosts Identifier preference to "MAC Address".
Great feature! I'm definitely going to try it out. I have a NAC tool that I want to send this type of data to, is it possible to mirror ports to send to my security appliances?
Tom, how did you update to the 4.x version? I seem to be stuck on 3.x and there doesn't seem to be an update from the available packages in pfsense. I cna manually install and update from cli, but I don't think you had to do that....
So I see you are running 4.2 but on my 2.5.2 pfsense when I go through packages I get 3.4 can you point in the right direction to allow me to upgrade to 4.2 thank you
this is interesting. maybe you can help with a suggestion: I'm interested in using something like this with pfsense in order to monitor for when a client is "active" - active meaning it has throughput above some level for a period of time. Basically, something I can hit over an API and then send an MQTT message that Home Assistant can pick up to understand when clients have active network communication going on and thus trigger events on it. If someone sits down and starts using a computer and thus network bandwidth, I could detect that event and trigger automations. Also I could monitor and log what time of day that computer is being used. I'm wondering if the API for ntopng would be good for this and then possibly write an a Home Assistant integration to talk to that API.
Love the content so far, Just jumped into this, I feel like something is bogging my network down and I'd love a tool to be able to see how much traffic each device is using (LAN and wifi) - I have a 1 GB pipe and from the router itself I get great speedtests, but when I'm on my network at times I get super slow speeds at the same time. I assume one of my kids is gotone of the devices really hammering away... Would PfSense/ntopng help find where these devices are taking a ton of data? I work from home and sometimes the slowdown is so bad my VPN keeps disconnecting! I assume my kids are downloading/streaming/watching something all at once. :) If this tool does NOT do it, could you recommend one?
I ran into an issue with the PFsense Ntopng package. PFsense 2.5 community edition on Qotom 4 port Core I3 box. Anytime I clicked on a host it would throw an error message, making it unusable for host specific stats. After some digging I found it is a somewhat known issue that hasn't been patched in the PFsense repo. So I ended up installing Ntopng from the command line/official repo and it's been working fine. This also gets rid of the annoying "update to 2.4" message that keeps popping up.
I've seen some folks post that you are able to use the - F switch and have flow data pushed to a ClickHouse or ElasticSearch server. But ntopng docs have an asterisk such functionality is not possible on Debian/pfsense. So I'm wondering which one is correct. What I'm looking to do is aggregate total bytes sent and received by host on my network for longer term historical reporting. I'll go watch your greylog video to see if that's a good option for me. Haven't moved to pfsense yet as I'm trying to see if I can make all this work. Thanks!
In pfSense diagnostic, ntopng settings, at bottom of screen there is a 'delete data' choice. Be sure to save settings tho. I find that on my SG-5100 I have out of space issues. I find I have to periodically delete the data and because of this do not leave it running.
I just had to spend a few hours troubleshooting this. Active Network Discovery completely fucks up my internet every 15 minutes and I have to reboot my modem.... ugh...
Is it normal to see "two" connections on the WAN side? I have em1 (LAN) and em0 for my interfaces. em0 for WAN shows my IP to my pfsense box, and a Cisco. I don't have a Cisco connected between pfsense and my cable modem... Unless Arris runs something apart of Cisco... Can it be possible to somehow see my ISP's router? As it gives a MAC address, and it's not my cable modem.
When do you guys actually use pfsense? When I worked in a data center that obviously never would have never ever happened and when I worked for msp it would have been a nightmare to manage
How To Setup pfsense OpenVPN Policy Routing With Kill Switch Using A Privacy VPN th-cam.com/video/ulRgecz0UsQ/w-d-xo.html Configuring pfsense Firewall Rules For Home th-cam.com/video/bjr0rm93uVA/w-d-xo.html Our pfsense tutorials lawrence.technology/pfsense/ Open Source Logging: Getting Started with Graylog Tutorial th-cam.com/video/rtfj6W5X0YA/w-d-xo.html ⏱ Timestamps ⏱ 00:00 pfsense ntopng 01:22 insatlling and configuring ntopng 03:32 ntopng settings 06:24 ntopng network discovery 07:02 how to use ntopng
I have a basic question.. If I install ntopng on one of my network devices can it monitor the traffic flow between other devices and the router? or is ntopng only able to monitor data flow between the machine it's installed on an other machines?
![POLYCAT - ข้อความรูปยิ้ม :) [Music Video]](http://i.ytimg.com/vi/lBhIgPGCgbI/mqdefault.jpg)
Tom, you are a super star. My main goto for opensource recommendations and guides. So clear and concise.
Man, it took me two hours to watch this video! Every time you'd do something, I'd have to check it out on my end, which took me off on a couple of tangents each time. Keep up these great tutorials...
Tom, I never really comment, subscribe or like videos but your videos have taught a lot in a very intuitive way and because of that you're one of the few that I do follow. I've learned a lot from your videos ranging from pfSense to the NAS videos you've put out.
I'm curious if you could do a video explaining and using TNSR software. As a company we've been considering moving to it, but we simply don't know enough about it yet.
Thanks for all you do!
It's been about 10 years since I last played with NTOP, its comes an incredibly long way in that time, I'll definitely have to have another play with it.
I have been waiting for this, thank you!! 🤗
You’re amazing man!!
You have a strange but very welcome talent for making videos in perfect time with my interest in things. I find cool thing I want to use or want to delve deeper in something and boom you post a video on said thing. I love it
Huh, I was JUST looking into this functionality yesterday! Perfect timing :o
Very interesting tooling. Didn't know it existed for pfSense :) thanks again Tom
Another great video by LS, thank you very much.
I have noticed that there is an update to ntopng (v.4.2.0), but it seem it needs to be installed manually; is it possible for you to show us how to do that?
Thanks again
I want to know how to disable the popup or how to install it manually.
Tom, Please show us how to update it.
Yup......fairly new to pfSense myself but I'm looking for the answer to that as well!!!
I ended up creating a VM with NTOP installed so I can keep it updated. Also, since it's a VM I was able to give it plenty of storage for logging.
Great video. Very little out there about this application so this is very useful. Thanks.
Thanks for the the review! Amazing as always.
Thank you so much Tom - help me big time with my pfsense.
How do you get rid of that super-annoying "A new ntopng stable version (v.4.2.0) is available for download: please upgrade" message that shows up on every page? I see it on mine, too--and I can click the "x" to close it, but it just immediately comes back the next time I click on _anything_ in the interface! I don't really want to mess around with upgrading it manually beyond what's in the plugin repository.
Another banger of a video! Thank you Tom!
Tom, thanks for all the info you share with the community. You are the reason I started using pfsense. Anytime I lookup something pfsense related, your videos popup in google search. You've definitely earned me as a sub. Thank you for all the walkthrough videos and clear explainations.
Awesome showcase!
I LOVE your videos. Very informative. Can't wait to install this myself. Hard to believe you guys are Detroiters too!
Thanksa and I think we need more tech in Detroit and MI.
Wonderful, and thank you
I was just looking for a way to get an overview of my network traffic. Lo and behold a Tom Lawrence vid just appeared in my google search! Great vid, thanks!
Be aware that ntopng does a lot of disk writes. Just something to consider if using a low end SSD.
I believe it now uses redis so that should not be an issue. I'd be concerned about cpu usage though
@@aot2002 I'm referring to the version that uses redis. I install the latest stable builds as the pfsense version is always way behind. Takes about 5 mins.
@@jeffm2787 Gotcha. You could just use a ramdisk which writes to memory. Problem is you lose data on reboot.
Thanks for another informative video!
Just installed this. Looks awesome so far. I getting the below alert. Should I flip it? =\
This interface is monitoring DHCP hosts. Please consider changing the Local Broadcast Domain Hosts Identifier preference to "MAC Address".
Great feature! I'm definitely going to try it out.
I have a NAC tool that I want to send this type of data to, is it possible to mirror ports to send to my security appliances?
Tom, how did you update to the 4.x version? I seem to be stuck on 3.x and there doesn't seem to be an update from the available packages in pfsense. I cna manually install and update from cli, but I don't think you had to do that....
Can you show host names instead of IP addresses?
So I see you are running 4.2 but on my 2.5.2 pfsense when I go through packages I get 3.4 can you point in the right direction to allow me to upgrade to 4.2 thank you
this is interesting. maybe you can help with a suggestion: I'm interested in using something like this with pfsense in order to monitor for when a client is "active" - active meaning it has throughput above some level for a period of time. Basically, something I can hit over an API and then send an MQTT message that Home Assistant can pick up to understand when clients have active network communication going on and thus trigger events on it. If someone sits down and starts using a computer and thus network bandwidth, I could detect that event and trigger automations. Also I could monitor and log what time of day that computer is being used. I'm wondering if the API for ntopng would be good for this and then possibly write an a Home Assistant integration to talk to that API.
It has an API
Thank you for the video. How can I use ntopng to keep track of how much data I have used on my WAN. So my can audit Comcast usage data?
Love the content so far, Just jumped into this, I feel like something is bogging my network down and I'd love a tool to be able to see how much traffic each device is using (LAN and wifi) - I have a 1 GB pipe and from the router itself I get great speedtests, but when I'm on my network at times I get super slow speeds at the same time. I assume one of my kids is gotone of the devices really hammering away... Would PfSense/ntopng help find where these devices are taking a ton of data? I work from home and sometimes the slowdown is so bad my VPN keeps disconnecting! I assume my kids are downloading/streaming/watching something all at once. :) If this tool does NOT do it, could you recommend one?
Once you get PFsence and all the addon installed and setup the way you like it, is there a way to back it up or export the settings?
I ran into an issue with the PFsense Ntopng package. PFsense 2.5 community edition on Qotom 4 port Core I3 box. Anytime I clicked on a host it would throw an error message, making it unusable for host specific stats. After some digging I found it is a somewhat known issue that hasn't been patched in the PFsense repo. So I ended up installing Ntopng from the command line/official repo and it's been working fine. This also gets rid of the annoying "update to 2.4" message that keeps popping up.
I've seen some folks post that you are able to use the - F switch and have flow data pushed to a ClickHouse or ElasticSearch server. But ntopng docs have an asterisk such functionality is not possible on Debian/pfsense. So I'm wondering which one is correct. What I'm looking to do is aggregate total bytes sent and received by host on my network for longer term historical reporting. I'll go watch your greylog video to see if that's a good option for me. Haven't moved to pfsense yet as I'm trying to see if I can make all this work. Thanks!
Great content.
How much disk space and memory ntopng needs? How to prevent filling the whole disk? Thx.
In pfSense diagnostic, ntopng settings, at bottom of screen there is a 'delete data' choice. Be sure to save settings tho. I find that on my SG-5100 I have out of space issues. I find I have to periodically delete the data and because of this do not leave it running.
Any news about when it will be upgraded from 3 to version 4?
sir can you make a tutorial on how to reject or block udp and tcp ports in pfsense. thanks
Inbound ports are blocked by defualt.
how can someone limit the speed of network traffic per ip inside the local network
can you force resolution or name mapping to hosts?
Not sure.
How about zenarmor?
"..... Different ISO's for different Linux distributions.. " 🤣🤣🤣👍
I just had to spend a few hours troubleshooting this. Active Network Discovery completely fucks up my internet every 15 minutes and I have to reboot my modem.... ugh...
Same issue here, please help me with this.
Why a PIA VPN to Switzerland (my country)? Because it's legal to pirate movies here ;) ? Great Video!
I have never been there physically so being there virtually seems like the next best thing!
Wow, pfSense installs version 3.4.0 and the latest is v4.2.0 - with no way to upgrade through the panel. Seems odd.
I'm on 5.0
Is it normal to see "two" connections on the WAN side? I have em1 (LAN) and em0 for my interfaces. em0 for WAN shows my IP to my pfsense box, and a Cisco. I don't have a Cisco connected between pfsense and my cable modem... Unless Arris runs something apart of Cisco... Can it be possible to somehow see my ISP's router? As it gives a MAC address, and it's not my cable modem.
You may be seeing something upstream from your ISP.
Does anyone know if this can show ipv6 vs v4 traffic?
Does this pass the USG and discover all the network the switches?
pfsense is a firewall, I would not use it with the USG
@@LAWRENCESYSTEMS thank for the replay,
@@LAWRENCESYSTEMS thanks for replay
how to go back to the previous version of pfsense
reload the system
Lawrence -- I love your videos! Do a similar video on Elastiflow!! :) Elastiflow > ntopng
I don't use it so not likely.
@@LAWRENCESYSTEMS awwwwwwww I understand. Give it a try it and I bet you won't regret it :)
Thanks for the great content, sir.
Be careful with this if you enable it on the lower end netgate devices. It will fill the drive and it will crash pfsense.
When do you guys actually use pfsense? When I worked in a data center that obviously never would have never ever happened and when I worked for msp it would have been a nightmare to manage
In data centers & at many businesses.
Make sure the password is only latin upper and lower-case letters and numbers (no symbols)
that threw me off for a bit
ntopng killed my SSD with all the writes in a month 😭
How To Setup pfsense OpenVPN Policy Routing With Kill Switch Using A Privacy VPN
th-cam.com/video/ulRgecz0UsQ/w-d-xo.html
Configuring pfsense Firewall Rules For Home
th-cam.com/video/bjr0rm93uVA/w-d-xo.html
Our pfsense tutorials
lawrence.technology/pfsense/
Open Source Logging: Getting Started with Graylog Tutorial
th-cam.com/video/rtfj6W5X0YA/w-d-xo.html
⏱ Timestamps ⏱
00:00 pfsense ntopng
01:22 insatlling and configuring ntopng
03:32 ntopng settings
06:24 ntopng network discovery
07:02 how to use ntopng
First
russia should be pinged with something more than icmp ;)
I have a basic question..
If I install ntopng on one of my network devices can it monitor the traffic flow between other devices and the router?
or is ntopng only able to monitor data flow between the machine it's installed on an other machines?
It can only monitor traffic that goes through the router
@@LAWRENCESYSTEMS so it it's installed on machine A, can it track the flow between machine B and the router?
@@mahela1993 It can only track things that flow through it or if you use a port mirror setup to get data to the device running NTOP