This is the xml dump from my pfsense router. If you prefer to use a step by step guide to configure your pfsense router, see This Guide.
<?xml version="1.0"?>
<pfsense>
<version>21.5</version>
<lastchange></lastchange>
<system>
<optimization>normal</optimization>
<hostname>pfSense</hostname>
<domain>home.arpa</domain>
<group>
<name>all</name>
<description><![CDATA[All Users]]></description>
<scope>system</scope>
<gid>1998</gid>
</group>
<group>
<name>admins</name>
<description><![CDATA[System Administrators]]></description>
<scope>system</scope>
<gid>1999</gid>
<member>0</member>
<priv>page-all</priv>
</group>
<user>
<name>admin</name>
<descr><![CDATA[System Administrator]]></descr>
<scope>system</scope>
<groupname>admins</groupname>
<bcrypt-hash></bcrypt-hash>
<uid>0</uid>
<priv>user-shell-access</priv>
<expires></expires>
<dashboardcolumns>2</dashboardcolumns>
<authorizedkeys></authorizedkeys>
<ipsecpsk></ipsecpsk>
<webguicss>pfSense.css</webguicss>
</user>
<nextuid>2000</nextuid>
<nextgid>2000</nextgid>
<timeservers>2.pfsense.pool.ntp.org</timeservers>
<webgui>
<protocol>https</protocol>
<loginautocomplete></loginautocomplete>
<ssl-certref></ssl-certref>
<port></port>
<max_procs>2</max_procs>
<nodnsrebindcheck></nodnsrebindcheck>
<dashboardcolumns>2</dashboardcolumns>
<nohttpreferercheck></nohttpreferercheck>
<webguicss>pfSense.css</webguicss>
<logincss>1e3f75;</logincss>
</webgui>
<disablenatreflection>yes</disablenatreflection>
<disablesegmentationoffloading></disablesegmentationoffloading>
<disablelargereceiveoffloading></disablelargereceiveoffloading>
<ipv6allow></ipv6allow>
<maximumtableentries>400000</maximumtableentries>
<powerd_ac_mode>hadp</powerd_ac_mode>
<powerd_battery_mode>hadp</powerd_battery_mode>
<powerd_normal_mode>hadp</powerd_normal_mode>
<bogons>
<interval>monthly</interval>
</bogons>
<hn_altq_enable></hn_altq_enable>
<already_run_config_upgrade></already_run_config_upgrade>
<ssh>
<enable>enabled</enable>
</ssh>
<serialspeed>115200</serialspeed>
<primaryconsole>serial</primaryconsole>
<sshguard_threshold></sshguard_threshold>
<sshguard_blocktime></sshguard_blocktime>
<sshguard_detection_time></sshguard_detection_time>
<sshguard_whitelist></sshguard_whitelist>
<language>en_US</language>
<timezone>US/Central</timezone>
<dnsserver>192.168.3.6</dnsserver>
<dnsallowoverride></dnsallowoverride>
<dns1host>ns1.home.lab</dns1host>
<acb>
<enable>yes</enable>
<hint></hint>
<frequency>cron</frequency>
<hour>23</hour>
<month>*</month>
<day>*</day>
<dow>*</dow>
<numman></numman>
<encryption_password></encryption_password>
</acb>
</system>
<interfaces>
<wan>
<enable></enable>
<if>em0</if>
<descr><![CDATA[Internet]]></descr>
<spoofmac></spoofmac>
<ipaddr>192.168.3.7</ipaddr>
<subnet>24</subnet>
<gateway>WANGW_2</gateway>
<ipaddrv6></ipaddrv6>
<subnetv6></subnetv6>
<gatewayv6></gatewayv6>
</wan>
<lan>
<descr><![CDATA[VLAN10]]></descr>
<if>em1</if>
<enable></enable>
<ipaddr>10.10.1.1</ipaddr>
<subnet>24</subnet>
<spoofmac></spoofmac>
</lan>
<opt1>
<descr><![CDATA[VLAN20VMOTION]]></descr>
<if>em2</if>
<enable></enable>
<ipaddr>10.10.2.1</ipaddr>
<subnet>24</subnet>
<spoofmac></spoofmac>
</opt1>
<opt2>
<descr><![CDATA[VLAN30VSAN]]></descr>
<if>em3</if>
<enable></enable>
<ipaddr>10.10.3.1</ipaddr>
<subnet>24</subnet>
<spoofmac></spoofmac>
</opt2>
<opt3>
<descr><![CDATA[VLAN40VMNETWORK]]></descr>
<if>em4</if>
<enable></enable>
<ipaddr>10.10.4.1</ipaddr>
<subnet>24</subnet>
<spoofmac></spoofmac>
</opt3>
<opt4>
<descr><![CDATA[VLAN50]]></descr>
<if>em5</if>
<enable></enable>
<ipaddr>10.10.5.1</ipaddr>
<subnet>24</subnet>
<spoofmac></spoofmac>
</opt4>
</interfaces>
<staticroutes></staticroutes>
<dhcpd>
<opt1>
<range>
<from>10.10.2.100</from>
<to>10.10.2.150</to>
</range>
<enable></enable>
<failover_peerip></failover_peerip>
<defaultleasetime></defaultleasetime>
<maxleasetime></maxleasetime>
<netmask></netmask>
<gateway></gateway>
<domain>home.lab</domain>
<domainsearchlist>home.lab</domainsearchlist>
<ddnsdomain></ddnsdomain>
<ddnsdomainprimary></ddnsdomainprimary>
<ddnsdomainsecondary></ddnsdomainsecondary>
<ddnsdomainkeyname></ddnsdomainkeyname>
<ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm>
<ddnsdomainkey></ddnsdomainkey>
<mac_allow></mac_allow>
<mac_deny></mac_deny>
<ddnsclientupdates>allow</ddnsclientupdates>
<tftp></tftp>
<ldap></ldap>
<nextserver></nextserver>
<filename></filename>
<filename32></filename32>
<filename64></filename64>
<filename32arm></filename32arm>
<filename64arm></filename64arm>
<rootpath></rootpath>
<numberoptions></numberoptions>
<dhcpleaseinlocaltime></dhcpleaseinlocaltime>
<dnsserver>192.168.3.6</dnsserver>
</opt1>
<opt2>
<range>
<from>10.10.3.100</from>
<to>10.10.3.150</to>
</range>
<enable></enable>
<failover_peerip></failover_peerip>
<defaultleasetime></defaultleasetime>
<maxleasetime></maxleasetime>
<netmask></netmask>
<gateway></gateway>
<domain>home.lab</domain>
<domainsearchlist>home.lab</domainsearchlist>
<ddnsdomain></ddnsdomain>
<ddnsdomainprimary></ddnsdomainprimary>
<ddnsdomainsecondary></ddnsdomainsecondary>
<ddnsdomainkeyname></ddnsdomainkeyname>
<ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm>
<ddnsdomainkey></ddnsdomainkey>
<mac_allow></mac_allow>
<mac_deny></mac_deny>
<ddnsclientupdates>allow</ddnsclientupdates>
<tftp></tftp>
<ldap></ldap>
<nextserver></nextserver>
<filename></filename>
<filename32></filename32>
<filename64></filename64>
<filename32arm></filename32arm>
<filename64arm></filename64arm>
<rootpath></rootpath>
<numberoptions></numberoptions>
<dhcpleaseinlocaltime></dhcpleaseinlocaltime>
<dnsserver>192.168.3.6</dnsserver>
</opt2>
<opt3>
<range>
<from>10.10.4.100</from>
<to>10.10.4.150</to>
</range>
<enable></enable>
<failover_peerip></failover_peerip>
<defaultleasetime></defaultleasetime>
<maxleasetime></maxleasetime>
<netmask></netmask>
<gateway></gateway>
<domain>home.lab</domain>
<domainsearchlist>home.lab</domainsearchlist>
<ddnsdomain></ddnsdomain>
<ddnsdomainprimary></ddnsdomainprimary>
<ddnsdomainsecondary></ddnsdomainsecondary>
<ddnsdomainkeyname></ddnsdomainkeyname>
<ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm>
<ddnsdomainkey></ddnsdomainkey>
<mac_allow></mac_allow>
<mac_deny></mac_deny>
<ddnsclientupdates>allow</ddnsclientupdates>
<tftp></tftp>
<ldap></ldap>
<nextserver></nextserver>
<filename></filename>
<filename32></filename32>
<filename64></filename64>
<filename32arm></filename32arm>
<filename64arm></filename64arm>
<rootpath></rootpath>
<numberoptions></numberoptions>
<dhcpleaseinlocaltime></dhcpleaseinlocaltime>
<dnsserver>192.168.3.6</dnsserver>
</opt3>
<opt4>
<range>
<from>10.10.5.100</from>
<to>10.10.5.150</to>
</range>
<enable></enable>
<failover_peerip></failover_peerip>
<defaultleasetime></defaultleasetime>
<maxleasetime></maxleasetime>
<netmask></netmask>
<gateway></gateway>
<domain>home.lab</domain>
<domainsearchlist>home.lab</domainsearchlist>
<ddnsdomain></ddnsdomain>
<ddnsdomainprimary></ddnsdomainprimary>
<ddnsdomainsecondary></ddnsdomainsecondary>
<ddnsdomainkeyname></ddnsdomainkeyname>
<ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm>
<ddnsdomainkey></ddnsdomainkey>
<mac_allow></mac_allow>
<mac_deny></mac_deny>
<ddnsclientupdates>allow</ddnsclientupdates>
<tftp></tftp>
<ldap></ldap>
<nextserver></nextserver>
<filename></filename>
<filename32></filename32>
<filename64></filename64>
<filename32arm></filename32arm>
<filename64arm></filename64arm>
<rootpath></rootpath>
<numberoptions></numberoptions>
<dhcpleaseinlocaltime></dhcpleaseinlocaltime>
<dnsserver>192.168.3.6</dnsserver>
</opt4>
<lan>
<range>
<from>10.10.1.100</from>
<to>10.10.1.150</to>
</range>
<enable></enable>
<failover_peerip></failover_peerip>
<defaultleasetime></defaultleasetime>
<maxleasetime></maxleasetime>
<netmask></netmask>
<dnsserver>192.168.3.6</dnsserver>
<gateway></gateway>
<domain>home.lab</domain>
<domainsearchlist>home.lab</domainsearchlist>
<ddnsdomain></ddnsdomain>
<ddnsdomainprimary></ddnsdomainprimary>
<ddnsdomainsecondary></ddnsdomainsecondary>
<ddnsdomainkeyname></ddnsdomainkeyname>
<ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm>
<ddnsdomainkey></ddnsdomainkey>
<mac_allow></mac_allow>
<mac_deny></mac_deny>
<ddnsclientupdates>allow</ddnsclientupdates>
<tftp></tftp>
<ldap></ldap>
<nextserver></nextserver>
<filename></filename>
<filename32></filename32>
<filename64></filename64>
<filename32arm></filename32arm>
<filename64arm></filename64arm>
<rootpath></rootpath>
<numberoptions></numberoptions>
<dhcpleaseinlocaltime></dhcpleaseinlocaltime>
</lan>
</dhcpd>
<dhcpdv6></dhcpdv6>
<snmpd>
<syslocation></syslocation>
<syscontact></syscontact>
<rocommunity>public</rocommunity>
</snmpd>
<diag>
<ipv6nat>
<ipaddr></ipaddr>
</ipv6nat>
</diag>
<syslog>
<filterdescriptions>1</filterdescriptions>
</syslog>
<filter>
<rule>
<id></id>
<tracker>1625536415</tracker>
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<tag></tag>
<tagged></tagged>
<max></max>
<max-src-nodes></max-src-nodes>
<max-src-conn></max-src-conn>
<max-src-states></max-src-states>
<statetimeout></statetimeout>
<statetype><![CDATA[keep state]]></statetype>
<os></os>
<protocol>tcp</protocol>
<source>
<any></any>
</source>
<destination>
<network>(self)</network>
<port>22</port>
</destination>
<descr><![CDATA[Allow 22 to pfSense]]></descr>
<created>
<time>1625536415</time>
<username><![CDATA[admin@192.168.2.94 (Local Database)]]></username>
</created>
<updated>
<time>1625536955</time>
<username><![CDATA[admin@192.168.2.94 (Local Database)]]></username>
</updated>
</rule>
<rule>
<id></id>
<tracker>1625535224</tracker>
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<tag></tag>
<tagged></tagged>
<max></max>
<max-src-nodes></max-src-nodes>
<max-src-conn></max-src-conn>
<max-src-states></max-src-states>
<statetimeout></statetimeout>
<statetype><![CDATA[keep state]]></statetype>
<os></os>
<protocol>icmp</protocol>
<icmptype>any</icmptype>
<source>
<any></any>
</source>
<destination>
<network>(self)</network>
</destination>
<descr><![CDATA[Allow Ping to pfSense]]></descr>
<updated>
<time>1625535224</time>
<username><![CDATA[admin@192.168.2.94 (Local Database)]]></username>
</updated>
<created>
<time>1625535224</time>
<username><![CDATA[admin@192.168.2.94 (Local Database)]]></username>
</created>
</rule>
<rule>
<id></id>
<tracker>1625535067</tracker>
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<tag></tag>
<tagged></tagged>
<max></max>
<max-src-nodes></max-src-nodes>
<max-src-conn></max-src-conn>
<max-src-states></max-src-states>
<statetimeout></statetimeout>
<statetype><![CDATA[keep state]]></statetype>
<os></os>
<protocol>tcp</protocol>
<source>
<any></any>
</source>
<destination>
<network>(self)</network>
<port>443</port>
</destination>
<descr><![CDATA[Allow 443 to pfSense]]></descr>
<updated>
<time>1625535067</time>
<username><![CDATA[admin@192.168.2.94 (Local Database)]]></username>
</updated>
<created>
<time>1625535067</time>
<username><![CDATA[admin@192.168.2.94 (Local Database)]]></username>
</created>
</rule>
<rule>
<id></id>
<tracker>1625673442</tracker>
<type>pass</type>
<interface>wan</interface>
<ipprotocol>inet</ipprotocol>
<tag></tag>
<tagged></tagged>
<max></max>
<max-src-nodes></max-src-nodes>
<max-src-conn></max-src-conn>
<max-src-states></max-src-states>
<statetimeout></statetimeout>
<statetype><![CDATA[keep state]]></statetype>
<os></os>
<source>
<any></any>
</source>
<destination>
<any></any>
</destination>
<descr></descr>
<updated>
<time>1625673442</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</updated>
<created>
<time>1625673442</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</created>
</rule>
<rule>
<type>pass</type>
<ipprotocol>inet</ipprotocol>
<descr><![CDATA[Default allow LAN to any rule]]></descr>
<interface>lan</interface>
<tracker>0100000101</tracker>
<source>
<network>lan</network>
</source>
<destination>
<any></any>
</destination>
</rule>
<rule>
<type>pass</type>
<ipprotocol>inet6</ipprotocol>
<descr><![CDATA[Default allow LAN IPv6 to any rule]]></descr>
<interface>lan</interface>
<tracker>0100000102</tracker>
<source>
<network>lan</network>
</source>
<destination>
<any></any>
</destination>
</rule>
<rule>
<id></id>
<tracker>1626104310</tracker>
<type>pass</type>
<interface>opt1</interface>
<ipprotocol>inet</ipprotocol>
<tag></tag>
<tagged></tagged>
<max></max>
<max-src-nodes></max-src-nodes>
<max-src-conn></max-src-conn>
<max-src-states></max-src-states>
<statetimeout></statetimeout>
<statetype><![CDATA[keep state]]></statetype>
<os></os>
<source>
<network>opt1</network>
</source>
<destination>
<any></any>
</destination>
<descr><![CDATA[Default allow to any rule]]></descr>
<updated>
<time>1626104310</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</updated>
<created>
<time>1626104310</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</created>
</rule>
<rule>
<id></id>
<tracker>1626104295</tracker>
<type>pass</type>
<interface>opt2</interface>
<ipprotocol>inet</ipprotocol>
<tag></tag>
<tagged></tagged>
<max></max>
<max-src-nodes></max-src-nodes>
<max-src-conn></max-src-conn>
<max-src-states></max-src-states>
<statetimeout></statetimeout>
<statetype><![CDATA[keep state]]></statetype>
<os></os>
<source>
<network>opt2</network>
</source>
<destination>
<any></any>
</destination>
<descr><![CDATA[Default allow to any rule]]></descr>
<updated>
<time>1626104295</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</updated>
<created>
<time>1626104295</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</created>
</rule>
<rule>
<id></id>
<tracker>1625687815</tracker>
<type>pass</type>
<interface>opt3</interface>
<ipprotocol>inet</ipprotocol>
<tag></tag>
<tagged></tagged>
<max></max>
<max-src-nodes></max-src-nodes>
<max-src-conn></max-src-conn>
<max-src-states></max-src-states>
<statetimeout></statetimeout>
<statetype><![CDATA[keep state]]></statetype>
<os></os>
<source>
<network>opt3</network>
</source>
<destination>
<any></any>
</destination>
<descr><![CDATA[Default allow LAN to any rule]]></descr>
<updated>
<time>1625687815</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</updated>
<created>
<time>1625687815</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</created>
</rule>
<rule>
<id></id>
<tracker>1626104265</tracker>
<type>pass</type>
<interface>opt4</interface>
<ipprotocol>inet</ipprotocol>
<tag></tag>
<tagged></tagged>
<max></max>
<max-src-nodes></max-src-nodes>
<max-src-conn></max-src-conn>
<max-src-states></max-src-states>
<statetimeout></statetimeout>
<statetype><![CDATA[keep state]]></statetype>
<os></os>
<source>
<network>opt4</network>
</source>
<destination>
<any></any>
</destination>
<descr><![CDATA[Default allow to any rule]]></descr>
<updated>
<time>1626104265</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</updated>
<created>
<time>1626104265</time>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</created>
</rule>
<separator>
<wan></wan>
<lan></lan>
<opt3></opt3>
<opt4></opt4>
<opt2></opt2>
<opt1></opt1>
</separator>
</filter>
<ipsec></ipsec>
<aliases></aliases>
<proxyarp></proxyarp>
<cron>
<item>
<minute>*/1</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/sbin/newsyslog</command>
</item>
<item>
<minute>1</minute>
<hour>3</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/etc/rc.periodic daily</command>
</item>
<item>
<minute>15</minute>
<hour>4</hour>
<mday>*</mday>
<month>*</month>
<wday>6</wday>
<who>root</who>
<command>/etc/rc.periodic weekly</command>
</item>
<item>
<minute>30</minute>
<hour>5</hour>
<mday>1</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/etc/rc.periodic monthly</command>
</item>
<item>
<minute>1,31</minute>
<hour>0-5</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 adjkerntz -a</command>
</item>
<item>
<minute>1</minute>
<hour>3</hour>
<mday>1</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh</command>
</item>
<item>
<minute>1</minute>
<hour>1</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.dyndns.update</command>
</item>
<item>
<minute>*/60</minute>
<hour>*</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command>
</item>
<item>
<minute>30</minute>
<hour>12</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.update_urltables</command>
</item>
<item>
<minute>1</minute>
<hour>0</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /etc/rc.update_pkg_metadata</command>
</item>
<item>
<minute>0</minute>
<hour>23</hour>
<mday>*</mday>
<month>*</month>
<wday>*</wday>
<who>root</who>
<command>/usr/bin/nice -n20 /usr/local/bin/php /usr/local/sbin/execacb.php</command>
</item>
</cron>
<wol></wol>
<rrd>
<enable></enable>
</rrd>
<widgets>
<sequence>system_information:col1:open:0,interfaces:col2:open:0</sequence>
<period>10</period>
</widgets>
<openvpn></openvpn>
<dnshaper></dnshaper>
<unbound>
<enable></enable>
<dnssec></dnssec>
<active_interface></active_interface>
<outgoing_interface></outgoing_interface>
<custom_options></custom_options>
<hideidentity></hideidentity>
<hideversion></hideversion>
<dnssecstripped></dnssecstripped>
</unbound>
<revision>
<time>1626966645</time>
<description><![CDATA[admin@192.168.3.155 (Local Database): main]]></description>
<username><![CDATA[admin@192.168.3.155 (Local Database)]]></username>
</revision>
<ppps></ppps>
<gateways>
<gateway_item>
<interface>wan</interface>
<gateway>192.168.3.1</gateway>
<name>WANGW_2</name>
<weight>1</weight>
<ipprotocol>inet</ipprotocol>
<descr><![CDATA[Interface wan Gateway]]></descr>
</gateway_item>
<defaultgw4>WANGW_2</defaultgw4>
<defaultgw6></defaultgw6>
</gateways>
<cert>
<refid></refid>
<descr><![CDATA[webConfigurator default ()]]></descr>
<type>server</type>
<crt></crt>
<prv></prv>
</cert>
<installedpackages>
<package>
<name>Open-VM-Tools</name>
<descr><![CDATA[VMware Tools is a suite of utilities that enhances the performance of the virtual machine's guest operating system and improves management of the virtual machine.]]></descr>
<website>http://open-vm-tools.sourceforge.net/</website>
<version>10.1.0_5,1</version>
<pkginfolink>https://docs.netgate.com/pfsense/en/latest/packages/open-vm-tools.html</pkginfolink>
<configurationfile>open-vm-tools.xml</configurationfile>
<logging>
<logfilename>vmware-vmsvc-root.log</logfilename>
</logging>
<include_file>/usr/local/pkg/open-vm-tools.inc</include_file>
</package>
<service>
<name>vmware-guestd</name>
<rcfile>vmware-guestd.sh</rcfile>
<custom_php_service_status_command>mwexec("/usr/local/etc/rc.d/vmware-guestd status") == 0;</custom_php_service_status_command>
<description><![CDATA[VMware Guest Daemon]]></description>
</service>
<service>
<name>vmware-kmod</name>
<rcfile>vmware-kmod.sh</rcfile>
<custom_php_service_status_command>mwexec("/usr/local/etc/rc.d/vmware-kmod status") == 0;</custom_php_service_status_command>
<description><![CDATA[VMware Kernel Modules]]></description>
</service>
</installedpackages>
<vlans></vlans>
<shaper></shaper>
</pfsense>