Ah, cool! Shouldn't be required though, be good to find out what's actually causing that. Someday!

Anyway glad we were able to get a workaround in place. 👍

@jmbraben Restore reinstalls all packages which would pull the files from the latest 2.7.x as I recall. Starting in 2.7.2 one has to manually change the update branch to move to the next version do it is safer now.

The problem is, let’s say the current version has a later PHP and a package is dependent on PHP, it will install the later version which may not work with 2.7.0 code. Or similar with various libraries.

.1 fixed several security flaws: https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#security

@jonatkins said in pfSense 2.7 makes HP printers crash:

Any specific patches I should enable? I can't see anything relevant.

I am not sure, but you can try apply all recommended patches, just for test, i think most of them anyway will be applied on the next version available.

Good job! Perhaps you could document it for other users?

Ah, OK. Well the switch and vlan setup is the same. 😁

The only thing I can think of that might possibly be affected is the filtering change. Try setting 'IPsec Filter Mode' to assigned interfaces in the IPSec advanced settings.

However if that was the issue I'd expect to see blocked traffic in the firewall logs. Unless you have custom block rules without logging maybe?

Try running top with:
top -HaSP

That should show you what's using the CPU.

Same issue on clean 2.7.2 install (bare metal)

Solution:
Install system_patches in package manager, apply all patches, reboot ;)

I should delete everything

The important thing is that it uses a globally routable address rather than the WAN link-local address automatically. So you only need a public address on any interface for pfSense itself to have IPv6 connectivity.

@darcey

Cool !

[24.03-RELEASE][root@pfSense.bhf.tld]/root: ppp-uptime.sh ovpns1 93693

uptime of my OpenVPN server ...

Try manually reloading the ruleset in Status > Filter Reload. See what errors are shown exactly.

Steve

Module/library errors like that are almost always because pfSense has pulled in newer pkgs somehow. Did you ever select the 24.08 update branch?

Those could also be logged during an upgrade. Did you upgrade to 24.03 recently?

It might be set to use the serial console as primary. It would usually show the console menu on both consoles if it boots correctly. You can try forcing the video console at boot:

https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html#booting-with-an-alternate-console

Yup we can convert that for you if you open a ticket: https://www.netgate.com/tac-support-request

Otherwise you should be able to import the old config whilst checking the 'preserve switch config' option and then reassign the interfaces as the VLANs. But I would just open a ticket!

Steve

Hmm, well I'd try a packet capture on the tunnel and see if the download is being fragmented or there are retransmissions etc.

It uses the ssh key which should be in the backup config.

I assume you mean the ACB key? If you send me the NDI or Hint/Identifier in chat I can try to look it up for you.

Steve

As a test try just linking two ports together directly and then check the link state at the CLI with ifconfig -v.

There shouldn't be an issue linking at 1G. You may have a bad port.

@stephenw10 Ah, I see. Thanks!

@tomasenskede said in The renewal of certificates does not take place:

So, why didnt the auto update ran

It did :

f55ea3b5-5e4b-478f-aed9-8a88b7fd89c8-image.png

or was to you, at 03h16 AM (middel in the night for me) clicking on 'run' ?