@cmb: That sounds like this: https://doc.pfsense.org/index.php/Upgrade_Guide#Console_Problem_Workaround though that shouldn't have just started out of nowhere, it would have happened on the first reboot post-upgrade to 2.2.2 for systems that were affected. The workaround there will get it to boot quickly. Then if you upgrade to 2.2.3, that won't happen again. Sorry for the late reply. Dude, you're a life saver. Thank you so much. I did exactly that : To work around the issue, restart the system and activate option 3 at the pfSense logo boot menu for the Loader Prompt. At the loader prompt, enter: unset boot_serial boot Then I updated to 2.2.3 Then rebooted normally. And everything's good! Thanks again! @muswellhillbilly: PS: I had something similar happen to me a while back. If all else fails, you ought to be able to boot into single-user mode (shows in your YouTube clip), navigate to the /conf folder and pick up the config file by copying it to a USB stick. I did try the single-user mode and the same problem was occurring before the fix above. @muswellhillbilly: @BlazeStar: And of course I don't have a recent backup of my config :'( When you do get your system back up, you can do the following (this is one of many ways to do pretty much the same thing): 1. Log onto your pfSense system on the command line. Write a shell script thusly and save it in your /root folder. Call it something like 'backup.sh': #!/bin/sh cd /conf cat <<end |="" ftp="" 'ftp:="" username:password@myftp.site.com="" '<br="">put ./config.xml END Obviously, substitute 'username', 'password' and 'myftp.site.com' for your corresponding site and credentials. 2. Create a cron job: 00 5 * * 1-5 /root/backup.sh. This will upload your system's config file at 5am every working day.</end> Thank you that's very wise, i'll be creating that cron job for sure!

@daggero: I'm configuring an existing, hand me down, running 24/7, network with me having little knowledge of networking… This always confuses the hell out of me... Why are you doing it - if you don't understand what your doing?  So your the one guy in the office that has a wifi router at home so your the IT guy? Precisely. I'm an IT support staff. I only repair computers, laptops install softwares… we used to be a 2 man team A network Administrator (AWOL) IT support staff (me) Since I have basic to no knowledge in Linux, BSD, and Networking. I became both. I know I don't need to master everything just how things work and where to look if needed. @johnpoz: You keep mentioning wifi routers.. Your going to be using them as AP rights.. Any soho wifi router can be used as just an ap, does not matter what cheap ass home model you think you can run a business with ;)  Turn off their dhcp, connect them to your network via a lan port, change their lan IP to be on the network you connect them too.  There you go $20 AP.. Noted. @johnpoz: I would really look to getting at min some smart switches.. They can be had very cheap.. You don't need a cisco nexus 7k ;)  You can for sure can find smart switches under $100 usd..  What part of the world are you in? I'm from the Philippines… unfortunately. as for the purchases the company is in a really tight budget. And I already raised the issue even to the operations manager. all he said was: "if the old device is still working, I don't see why we have to get a new one? the internet is working. the problem is that it's just too slow. when the IT admin was here it was working great. maybe the problem is in your side check your configuration maybe you clicked on something you shouldn't have. I was just wow... I want to just... smash the AP's with a sledge hammer and leave. but I wan't to fix things first before that, I might learn something while I'm doing it. hahaha after that I'm leaving this hell hole

kernel: re4: discard frame w/o leading ethernet header (len 4294967292 pkt len 4294967292) 4GB Ethernet packet. Increased the bar for "jumbo" frames.

For the future. Rule of thumb, never get anything with RealTek hardware, even if officially supported. Same for Broadcom. I do purchase devices with my blacklisted NICs only if I have an acceptable path to install a NIC of my choosing. Got a motherboard for my desktop with a RealTek, installed an Intel i210. My firewall came with a RealTek, installed an Intel i350.

There are routing complications, as that system isn't going to be the default gateway in such a config. Need a static route on whatever is the default gateway to send the IPsec network over to that system's WAN IP.

@weust: I will give these a go later today or tonight. Thanks for the links. I will report back here on the results for both SMTP servers. Did you get this working?

Thank you jimp for the info.

I have the opposite issue with my ISP. If I get my IP to change by changing my MAC, I will still receive traffic for my old IP including the old MAC until the DHCP lease ends, which is like a week.

Tried that. Changed the MTU on the wan interface (as well, didn't take immediately in the gui either, had to force it from the shell). Frustrated that the (older) sonicwall works fine in similar setup but pfsense fails. This leads me to believe (hope?) that a setting needs changed. Still looking for suggestions! Thanks all.

short and crisp … and it works. - Thanks!

I think TPTB would also like to know your expected load in terms of users and traffic and additional packages you intend to use. Also, there is a sort of consensus to try to use Intel NICs for best driver support and performance/stability.

https://forum.pfsense.org/index.php?topic=95003.0 Well if the modems are similar try this. Ignore UE0 interface and go to PPP and see if you have interfaces like this. cuaU0.1, cuaU0.2 ext…. If you do -then find the correct port(guessing game) and then at bottom of PPP setup page hit advanced and go to modem initialization string and put something like the above post for the string. I used "AT+CFUN=1" as mine. All this does is interrupt the default modem script and use a barebone config, which works with many modern modems...My Ericsson H5321HW had this type issue. Are you sure U3G is not picking it up? PPP Is the only way this will work in pfSense.

Looks like I'm back up!! Also completed a firmware update (was about 2 releases behind). Would still like to know what happened though so I can avoid it in the future.

Some files are expected to change from the baseline, like the password files/databases, config files, and so on. It could be fine-tuned some more to ignore some of those. Long-term it would be nice to have some integrity verification but there is more work to do there yet.