Additionally I added: [23.05.1-RELEASE][admin@azure53.stevew.lan]/root: ln -s /usr/bin/base64 /usr/local/bin/base64 That doesn't appear to be required but it does remove a large number of errors from the waagent logs so I assume it's doing something! I tested restoring from the backups and it was successful. Steve

@sgw said in Undefined symbol "__libc_start1@FBSD_1.7" on pfSense Plus 23.01: I hit this issue again on a SG-7100 today Still on 23.01? The best time to upgrade it is yesterday.

Nice, good result.

@MrTea Is DNS Resolver listening on the LAN interface?

@rcoleman-netgate said in TAC mails out of the blue...?: @furom We have a lot of old tickets (from the first few months of using the new CRM platform) that did not auto-close and we (TAC staff) were instructed to close them a few months back. I only did mine a month ago and I know that the "feedback" emails come on a schedule based on that close - if there was not one sent it would send again. I get them for internal IT-related tickets. Go figure. That said they're not as {add your adjective here} as MicroCenter sending me feedback emails for things I purchased 60-180 days ago. I even got one last month for something I bought in 2019. Thanks for this explanation! It clears it up better for me. I'm sorry to hear of the mails you get for ancient purchase, hope that has an end to it as well. Given your explanation, I should not receive that many more now then I suppose.

@SteveITS Thank YOU.

@stephenw10 said in Wondered Why?: Hmm, not sure what you mean. Why I had asked is I tried pfSense 2.6 I had and experienced the same exact problem that maybe or it's like the NIC had a cache file and if not that, then, the PCIe slot ...I even tried it a i350xt2...got the same thing...also tried a 82575-t2, same. Like somehow the NIC driver is blacklisted...but there is none.

@stephenw10 on his "lan" from where to where is anyone's guess.. Answered it here https://forum.netgate.com/topic/181998/router-safety-blackhats The 3rd post with the same useless info.. without any background or info on where is was gotten, when it was gotten.. This infection likes to use 3 year old versions of firefox it seems ;) version 82?

@Gertjan You are 100% correct, and I am on it!

@sweber I am having the same issue on 2.7.0-RELEASE. I have also imported the signing certs and tried the "Add this Certificate Authority to the Operating System Trust Store" on and off. The diagnostics options are too vague and not detailed enough. I performed a packet capture while testing with the authentication diagnostics and while the actual error is the "unknown CA" packet message, the pfSense authentication diagnostics logs just says "/diag_authentication.php: ERROR! Could not bind to LDAP server LDAP. Please check the bind credentials.". The logs also say "/diag_authentication.php: LDAP Debug: LDAP connection error flag: false" despite me enabling the "Set debug flag" in the Diagnostics / Authentication test page.

@stephenw10 Yes, it uses TSS.MSR TPM stack in order to do device attestation based on the TPM More about hat: https://learn.microsoft.com/en-us/azure/iot-dps/concepts-tpm-attestation

@furom again other then dhcp, which you don't have to enable at all really. When you add a new interface there are no rules. so any client on that network - even if static pointing to pfsense as its gateway or dns, or trying to talk to some other dns or anything on the internet wouldn't get anywhere.

@stephenw10 yes.. I changed it for another option

Yes, something has changed there. Unclear what though. Still digging.

@stephenw10 said in Negate 1100 booting into SOC Boot loader menu.: Steve Thanks a ticket has been submitted

@Happydog The purple note on option 1 for the MS doc I posted is: "This option is not compatible with Microsoft Security Defaults. We recommend using Modern Authentication when connecting with our service. Although SMTP AUTH now supports OAuth, most devices and clients have not been designed to use OAuth with SMTP AUTH. As a result, there are no plans to disable Basic Authentication for SMTP AUTH clients at this time. To find out more about OAuth, see Authenticate an IMAP, POP or SMTP connection using OAuth. You must also verify that SMTP AUTH is enabled for the mailbox being used. SMTP AUTH is disabled for organizations created after January 2020 but can be enabled per-mailbox. For more information, see [Enable or disable authenticated client SMTP submission (SMTP AUTH) in Exchange Online]." If you have a static IP option 3, the connector, is easiest.

@Schmeling Makes sense. I would say that you should get the UPS ASAP though. If there are outages, there are probably also brown outs and spikes that could damage the equipment, and even a sudden outage could cause file corruption on most systems (This is very unlikely on PFsense though since they use ZFS now).

Yes, it's a known bug. Ugly but harmless.

@stephenw10 Starlink is Bi Polar and does play well with others!