Good morning Folks,

this is the error message I was talking of:

An hour ago, just to be sure I wouldn't have any connection problems today, I did a restart via ssh –> 5) Reboot --> Y/y Normal reboot
Result: APU was stuck in boot screen, the last printed line was "BIOS Version 4.6.0". Resetted the box, normal boot went through. On the overview, no IP was assigned to the LAN interface.

Assign IP address --> 2) LAN Interface --> IP --> Netmask --> no Gateway --> no IPv6 --> DHCP --> revert to HTTP=no

ifa_maintain_loopback_route: insertion failed for interface igb1: 17

2nd try assigning an IP address was successful.

/var/log/system.log

Feb 27 06:00:01 pfSense xinetd[23787]: Starting reconfiguration Feb 27 06:00:01 pfSense xinetd[23787]: Swapping defaults Feb 27 06:00:01 pfSense xinetd[23787]: readjusting service check_mk Feb 27 06:00:01 pfSense xinetd[23787]: Reconfigured: new=0 old=1 dropped=0 (services) Feb 27 06:15:01 pfSense xinetd[23787]: Starting reconfiguration Feb 27 06:15:01 pfSense xinetd[23787]: Swapping defaults Feb 27 06:15:01 pfSense xinetd[23787]: readjusting service check_mk Feb 27 06:15:01 pfSense xinetd[23787]: Reconfigured: new=0 old=1 dropped=0 (services) Feb 27 06:15:39 pfSense sshd[28406]: Accepted keyboard-interactive/pam for root from 10.0.10.2 port 1668 ssh2 Feb 27 06:15:50 pfSense php-cgi: rc.initial.reboot: Stopping all packages. Feb 27 06:15:50 pfSense SnortStartup[56363]: Snort STOP for INTERNET(14697_pppoe1)... Feb 27 06:15:51 pfSense snort[75765]: *** Caught Term-Signal Feb 27 06:15:51 pfSense kernel: pppoe1: promiscuous mode disabled Feb 27 06:15:53 pfSense php-cgi: rc.initial.reboot: The command '/usr/bin/killall iperf' returned exit code '1', the output was 'No matching processes were found' Feb 27 06:15:54 pfSense kernel: pid 93610 (ntopng), uid 0: exited on signal 11 (core dumped) Feb 27 06:15:54 pfSense kernel: igb1: promiscuous mode disabled Feb 27 06:15:55 pfSense reboot: rebooted by root Feb 27 06:15:55 pfSense syslogd: exiting on signal 15 Feb 27 06:28:53 pfSense syslogd: kernel boot file is /boot/kernel/kernel Feb 27 06:28:53 pfSense kernel: Copyright (c) 1992-2017 The FreeBSD Project. Feb 27 06:28:53 pfSense kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 Feb 27 06:28:53 pfSense kernel: The Regents of the University of California. All rights reserved. Feb 27 06:28:53 pfSense kernel: FreeBSD is a registered trademark of The FreeBSD Foundation. Feb 27 06:28:53 pfSense kernel: FreeBSD 11.1-RELEASE-p6 #8 r313908+a5b33c9d1c4(RELENG_2_4): Tue Dec 12 13:51:24 CST 2017 Feb 27 06:28:53 pfSense kernel: root@buildbot2.netgate.com:/builder/ce-242/tmp/obj/builder/ce-242/tmp/FreeBSD-src/sys/pfSense amd64 Feb 27 06:28:53 pfSense kernel: FreeBSD clang version 4.0.0 (tags/RELEASE_400/final 297347) (based on LLVM 4.0.0) Feb 27 06:28:53 pfSense kernel: VT(vga): resolution 640x480 Feb 27 06:28:53 pfSense kernel: CPU: AMD GX-412TC SOC                                (998.15-MHz K8-class CPU) Feb 27 06:28:53 pfSense kernel: Origin="AuthenticAMD"  Id=0x730f01  Family=0x16  Model=0x30  Stepping=1 Feb 27 06:28:53 pfSense kernel: Features=0x178bfbff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,mmx,fxsr,sse,sse2,htt>Feb 27 06:28:53 pfSense kernel: Features2=0x3ed8220b <sse3,pclmulqdq,mon,ssse3,cx16,sse4.1,sse4.2,movbe,popcnt,aesni,xsave,osxsave,avx,f16c>Feb 27 06:28:53 pfSense kernel: AMD Features=0x2e500800 <syscall,nx,mmx+,ffxsr,page1gb,rdtscp,lm>Feb 27 06:28:53 pfSense kernel: AMD Features2=0x1d4037ff <lahf,cmp,svm,extapic,cr8,abm,sse4a,mas,prefetch,osvw,ibs,skinit,wdt,topology,pnxc,dbe,ptsc,pl2i>Feb 27 06:28:53 pfSense kernel: Structured Extended Features=0x8 <bmi1>Feb 27 06:28:53 pfSense kernel: XSAVE Features=0x1 <xsaveopt>Feb 27 06:28:53 pfSense kernel: SVM: NP,NRIP,AFlush,DAssist,NAsids=8 Feb 27 06:28:53 pfSense kernel: TSC: P-state invariant, performance statistics Feb 27 06:28:53 pfSense kernel: real memory  = 5083496448 (4848 MB) Feb 27 06:28:53 pfSense kernel: avail memory = 4063031296 (3874 MB) Feb 27 06:28:53 pfSense kernel: Event timer "LAPIC" quality 100 Feb 27 06:28:53 pfSense kernel: ACPI APIC Table: <core  coreboot=""> Feb 27 06:28:53 pfSense kernel: FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs Feb 27 06:28:53 pfSense kernel: FreeBSD/SMP: 1 package(s) x 4 core(s) Feb 27 06:28:53 pfSense kernel: random: unblocking device. Feb 27 06:28:53 pfSense kernel: ioapic1: Changing APIC ID to 5 Feb 27 06:28:53 pfSense kernel: ioapic0 <version 2.1=""> irqs 0-23 on motherboard Feb 27 06:28:53 pfSense kernel: ioapic1 <version 2.1=""> irqs 24-55 on motherboard Feb 27 06:28:53 pfSense kernel: SMP: AP CPU #1 Launched! Feb 27 06:28:53 pfSense kernel: SMP: AP CPU #2 Launched! Feb 27 06:28:53 pfSense kernel: SMP: AP CPU #3 Launched! Feb 27 06:28:53 pfSense kernel: Timecounter "TSC" frequency 998148610 Hz quality 1000 Feb 27 06:28:53 pfSense kernel: random: entropy device external interface Feb 27 06:28:53 pfSense kernel: wlan: mac acl policy registered Feb 27 06:28:53 pfSense kernel: ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. Feb 27 06:28:53 pfSense kernel: ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. Feb 27 06:28:53 pfSense kernel: module_register_init: MOD_LOAD (ipw_bss_fw, 0xffffffff8065c5a0, 0) error 1 Feb 27 06:28:53 pfSense kernel: ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. Feb 27 06:28:53 pfSense kernel: ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. Feb 27 06:28:53 pfSense kernel: module_register_init: MOD_LOAD (ipw_ibss_fw, 0xffffffff8065c650, 0) error 1 Feb 27 06:28:53 pfSense kernel: ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE. Feb 27 06:28:53 pfSense kernel: ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf. Feb 27 06:28:53 pfSense kernel: module_register_init: MOD_LOAD (ipw_monitor_fw, 0xffffffff8065c700, 0) error 1 Feb 27 06:28:53 pfSense kernel: iwi_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. Feb 27 06:28:53 pfSense kernel: iwi_bss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. Feb 27 06:28:53 pfSense kernel: module_register_init: MOD_LOAD (iwi_bss_fw, 0xffffffff80683360, 0) error 1 Feb 27 06:28:53 pfSense kernel: iwi_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. Feb 27 06:28:53 pfSense kernel: iwi_ibss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. Feb 27 06:28:53 pfSense kernel: module_register_init: MOD_LOAD (iwi_ibss_fw, 0xffffffff80683410, 0) error 1 Feb 27 06:28:53 pfSense kernel: iwi_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE. Feb 27 06:28:53 pfSense kernel: iwi_monitor: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf. Feb 27 06:28:53 pfSense kernel: module_register_init: MOD_LOAD (iwi_monitor_fw, 0xffffffff806834c0, 0) error 1 Feb 27 06:28:53 pfSense kernel: kbd0 at kbdmux0 Feb 27 06:28:53 pfSense kernel: netmap: loaded module Feb 27 06:28:53 pfSense kernel: module_register_init: MOD_LOAD (vesa, 0xffffffff81158310, 0) error 19 Feb 27 06:28:53 pfSense kernel: nexus0 Feb 27 06:28:53 pfSense kernel: vtvga0: <vt vga="" driver=""> on motherboard Feb 27 06:28:53 pfSense kernel: cryptosoft0: <software crypto=""> on motherboard Feb 27 06:28:53 pfSense kernel: padlock0: No ACE support. Feb 27 06:28:53 pfSense kernel: acpi0: <core coreboot=""> on motherboard Feb 27 06:28:53 pfSense kernel: acpi0: Power Button (fixed) Feb 27 06:28:53 pfSense kernel: cpu0: <acpi cpu=""> on acpi0 Feb 27 06:28:53 pfSense kernel: cpu1: <acpi cpu=""> on acpi0 Feb 27 06:28:53 pfSense kernel: cpu2: <acpi cpu=""> on acpi0 Feb 27 06:28:53 pfSense kernel: cpu3: <acpi cpu=""> on acpi0 Feb 27 06:28:53 pfSense kernel: atrtc0: <at realtime="" clock=""> port 0x70-0x71 irq 8 on acpi0 Feb 27 06:28:53 pfSense kernel: Event timer "RTC" frequency 32768 Hz quality 0 Feb 27 06:28:53 pfSense kernel: attimer0: <at timer=""> port 0x40-0x43 irq 0 on acpi0 Feb 27 06:28:53 pfSense kernel: Timecounter "i8254" frequency 1193182 Hz quality 0 Feb 27 06:28:53 pfSense kernel: Event timer "i8254" frequency 1193182 Hz quality 100 Feb 27 06:28:53 pfSense kernel: hpet0: <high precision="" event="" timer=""> iomem 0xfed00000-0xfed003ff on acpi0 Feb 27 06:28:53 pfSense kernel: Timecounter "HPET" frequency 14318180 Hz quality 950 Feb 27 06:28:53 pfSense kernel: Timecounter "ACPI-safe" frequency 3579545 Hz quality 850 Feb 27 06:28:53 pfSense kernel: acpi_timer0: <32-bit timer at 3.579545MHz> port 0x818-0x81b on acpi0 Feb 27 06:28:53 pfSense kernel: acpi_button0: <power button=""> on acpi0 Feb 27 06:28:53 pfSense kernel: pcib0: <acpi host-pci="" bridge=""> port 0xcf8-0xcff on acpi0 Feb 27 06:28:53 pfSense kernel: pci0: <acpi pci="" bus=""> on pcib0 Feb 27 06:28:53 pfSense kernel: pcib1: <acpi pci-pci="" bridge=""> irq 25 at device 2.2 on pci0 Feb 27 06:28:53 pfSense kernel: pcib1: failed to allocate initial I/O port window: 0x1000-0x1fff Feb 27 06:28:53 pfSense kernel: pci1: <acpi pci="" bus=""> on pcib1 Feb 27 06:28:53 pfSense kernel: igb0: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> mem 0xf7a00000-0xf7a1ffff,0xf7a20000-0xf7a23fff irq 28 at device 0.0 on pci1 Feb 27 06:28:53 pfSense kernel: igb0: Using MSIX interrupts with 5 vectors Feb 27 06:28:53 pfSense kernel: igb0: Ethernet address: 00:0d:b9:48:92:10 Feb 27 06:28:53 pfSense kernel: igb0: Bound queue 0 to cpu 0 Feb 27 06:28:53 pfSense kernel: igb0: Bound queue 1 to cpu 1 Feb 27 06:28:53 pfSense kernel: igb0: Bound queue 2 to cpu 2 Feb 27 06:28:53 pfSense kernel: igb0: Bound queue 3 to cpu 3 Feb 27 06:28:53 pfSense kernel: igb0: netmap queues/slots: TX 4/1024, RX 4/1024 Feb 27 06:28:53 pfSense kernel: pcib2: <acpi pci-pci="" bridge=""> irq 26 at device 2.3 on pci0 Feb 27 06:28:53 pfSense kernel: pci2: <acpi pci="" bus=""> on pcib2 Feb 27 06:28:53 pfSense kernel: igb1: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> port 0x2000-0x201f mem 0xf7b00000-0xf7b1ffff,0xf7b20000-0xf7b23fff irq 32 at device 0.0 on pci2 Feb 27 06:28:53 pfSense kernel: igb1: Using MSIX interrupts with 5 vectors Feb 27 06:28:53 pfSense kernel: igb1: Ethernet address: 00:0d:b9:48:92:11 Feb 27 06:28:53 pfSense kernel: igb1: Bound queue 0 to cpu 0 Feb 27 06:28:53 pfSense kernel: igb1: Bound queue 1 to cpu 1 Feb 27 06:28:53 pfSense kernel: igb1: Bound queue 2 to cpu 2 Feb 27 06:28:53 pfSense kernel: igb1: Bound queue 3 to cpu 3 Feb 27 06:28:53 pfSense kernel: igb1: netmap queues/slots: TX 4/1024, RX 4/1024 Feb 27 06:28:53 pfSense kernel: pcib3: <acpi pci-pci="" bridge=""> at device 2.4 on pci0 Feb 27 06:28:53 pfSense kernel: pci3: <acpi pci="" bus=""> on pcib3 Feb 27 06:28:53 pfSense kernel: igb2: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> port 0x3000-0x301f mem 0xf7c00000-0xf7c1ffff,0xf7c20000-0xf7c23fff at device 0.0 on pci3 Feb 27 06:28:53 pfSense kernel: igb2: Using MSIX interrupts with 5 vectors Feb 27 06:28:53 pfSense kernel: igb2: Ethernet address: 00:0d:b9:48:92:12 Feb 27 06:28:53 pfSense kernel: igb2: Bound queue 0 to cpu 0 Feb 27 06:28:53 pfSense kernel: igb2: Bound queue 1 to cpu 1 Feb 27 06:28:53 pfSense kernel: igb2: Bound queue 2 to cpu 2 Feb 27 06:28:53 pfSense kernel: igb2: Bound queue 3 to cpu 3 Feb 27 06:28:53 pfSense kernel: igb2: netmap queues/slots: TX 4/1024, RX 4/1024 Feb 27 06:28:53 pfSense kernel: pci0: <encrypt decrypt=""> at device 8.0 (no driver attached) Feb 27 06:28:53 pfSense kernel: xhci0: <amd fch="" usb="" 3.0="" controller=""> mem 0xf7f22000-0xf7f23fff irq 18 at device 16.0 on pci0 Feb 27 06:28:53 pfSense kernel: xhci0: 32 bytes context size, 64-bit DMA Feb 27 06:28:53 pfSense kernel: xhci0: Unable to map MSI-X table Feb 27 06:28:53 pfSense kernel: usbus0 on xhci0 Feb 27 06:28:53 pfSense kernel: usbus0: 5.0Gbps Super Speed USB v3.0 Feb 27 06:28:53 pfSense kernel: ahci0: <amd hudson-2="" ahci="" sata="" controller=""> port 0x4010-0x4017,0x4020-0x4023,0x4018-0x401f,0x4024-0x4027,0x4000-0x400f mem 0xf7f25000-0xf7f253ff at device 17.0 on pci0 Feb 27 06:28:53 pfSense kernel: ahci0: AHCI v1.30 with 2 6Gbps ports, Port Multiplier supported with FBS Feb 27 06:28:53 pfSense kernel: ahcich0: <ahci channel=""> at channel 0 on ahci0 Feb 27 06:28:53 pfSense kernel: ahcich1: <ahci channel=""> at channel 1 on ahci0 Feb 27 06:28:53 pfSense kernel: ehci0: <amd fch="" usb="" 2.0="" controller=""> mem 0xf7f26000-0xf7f260ff irq 18 at device 19.0 on pci0 Feb 27 06:28:53 pfSense kernel: usbus1: EHCI version 1.0 Feb 27 06:28:53 pfSense kernel: usbus1 on ehci0 Feb 27 06:28:53 pfSense kernel: usbus1: 480Mbps High Speed USB v2.0 Feb 27 06:28:53 pfSense kernel: isab0: <pci-isa bridge=""> at device 20.3 on pci0 Feb 27 06:28:53 pfSense kernel: isa0: <isa bus=""> on isab0 Feb 27 06:28:53 pfSense kernel: sdhci_pci0: <generic sd="" hci=""> mem 0xf7f27000-0xf7f270ff at device 20.7 on pci0 Feb 27 06:28:53 pfSense kernel: sdhci_pci0: 1 slot(s) allocated Feb 27 06:28:53 pfSense kernel: orm0: <isa option="" rom=""> at iomem 0xef000-0xeffff on isa0 Feb 27 06:28:53 pfSense kernel: ppc0: cannot reserve I/O port range Feb 27 06:28:53 pfSense kernel: uart0: <16550 or compatible> at port 0x3f8 irq 4 flags 0x10 on isa0 Feb 27 06:28:53 pfSense kernel: uart0: console (115200,n,8,1) Feb 27 06:28:53 pfSense kernel: uart1: <16550 or compatible> at port 0x2f8 irq 3 on isa0 Feb 27 06:28:53 pfSense kernel: hwpstate0: <cool`n'quiet 2.0=""> on cpu0 Feb 27 06:28:53 pfSense kernel: ZFS NOTICE: Prefetch is disabled by default if less than 4GB of RAM is present; Feb 27 06:28:53 pfSense kernel: to enable, add "vfs.zfs.prefetch_disable=0" to /boot/loader.conf. Feb 27 06:28:53 pfSense kernel: ZFS filesystem version: 5 Feb 27 06:28:53 pfSense kernel: ZFS storage pool version: features support (5000) Feb 27 06:28:53 pfSense kernel: Timecounters tick every 1.000 msec Feb 27 06:28:53 pfSense kernel: nvme cam probe device init Feb 27 06:28:53 pfSense kernel: ugen0.1: <0x1022 XHCI root HUB> at usbus0 Feb 27 06:28:53 pfSense kernel: ugen1.1: <amd ehci="" root="" hub=""> at usbus1 Feb 27 06:28:53 pfSense kernel: uhub0: <0x1022 XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0 Feb 27 06:28:53 pfSense kernel: uhub1: <amd 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr=""> on usbus1 Feb 27 06:28:53 pfSense kernel: uhub0: 4 ports with 4 removable, self powered Feb 27 06:28:53 pfSense kernel: uhub1: 2 ports with 2 removable, self powered Feb 27 06:28:53 pfSense kernel: ugen1.2: <vendor 0x0438="" product="" 0x7900=""> at usbus1 Feb 27 06:28:53 pfSense kernel: uhub2 on uhub1 Feb 27 06:28:53 pfSense kernel: uhub2: <vendor 2="" 9="" 0x0438="" product="" 0x7900,="" class="" 0,="" rev="" 2.00="" 0.18,="" addr=""> on usbus1 Feb 27 06:28:53 pfSense kernel: uhub2: 4 ports with 4 removable, self powered Feb 27 06:28:53 pfSense kernel: ada0 at ahcich0 bus 0 scbus0 target 0 lun 0 Feb 27 06:28:53 pfSense kernel: ada0: <sata ssd="" sbfm01.0=""> ACS-4 ATA SATA 3.x device Feb 27 06:28:53 pfSense kernel: ada0: Serial Number A46207780BBF00118119 Feb 27 06:28:53 pfSense kernel: ada0: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 8192bytes) Feb 27 06:28:53 pfSense kernel: ada0: Command Queueing enabled Feb 27 06:28:53 pfSense kernel: ada0: 15272MB (31277232 512 byte sectors) Feb 27 06:28:53 pfSense kernel: Trying to mount root from zfs:zroot/ROOT/default []... Feb 27 06:28:53 pfSense kernel: padlock0: No ACE support. Feb 27 06:28:53 pfSense kernel: aesni0: <aes-cbc,aes-xts,aes-gcm,aes-icm> on motherboard Feb 27 06:28:53 pfSense kernel: amdtemp0: <amd cpu="" on-die="" thermal="" sensors=""> on hostb5 Feb 27 06:28:53 pfSense kernel: vlan0: changing name to 'igb0.7' Feb 27 06:28:53 pfSense kernel: ng0: changing name to 'pppoe1' Feb 27 06:28:53 pfSense kernel: igb0: link state changed to UP Feb 27 06:28:53 pfSense kernel: igb0.7: link state changed to UP Feb 27 06:28:53 pfSense kernel: igb1: link state changed to UP Feb 27 06:28:53 pfSense kernel: pflog0: promiscuous mode enabled Feb 27 06:28:53 pfSense kernel: DUMMYNET 0 with IPv6 initialized (100409) Feb 27 06:28:53 pfSense kernel: load_dn_sched dn_sched FIFO loaded Feb 27 06:28:53 pfSense kernel: load_dn_sched dn_sched QFQ loaded Feb 27 06:28:53 pfSense kernel: load_dn_sched dn_sched RR loaded Feb 27 06:28:53 pfSense kernel: load_dn_sched dn_sched WF2Q+ loaded Feb 27 06:28:53 pfSense kernel: load_dn_sched dn_sched PRIO loaded Feb 27 06:28:53 pfSense kernel: load_dn_sched dn_sched FQ_CODEL loaded Feb 27 06:28:53 pfSense kernel: load_dn_sched dn_sched FQ_PIE loaded Feb 27 06:28:53 pfSense kernel: load_dn_aqm dn_aqm CODEL loaded Feb 27 06:28:53 pfSense kernel: load_dn_aqm dn_aqm PIE loaded Feb 27 06:28:53 pfSense kernel: ifa_maintain_loopback_route: insertion failed for interface igb1: 17 Feb 27 06:28:53 pfSense kernel: tun1: changing name to 'ovpns1' Feb 27 06:28:53 pfSense kernel: ovpns1: link state changed to UP Feb 27 06:28:53 pfSense kernel: pppoe1: promiscuous mode enabled Feb 27 06:28:53 pfSense kernel: igb1: promiscuous mode enabled Feb 27 06:28:53 pfSense kernel: ifa_maintain_loopback_route: insertion failed for interface igb1: 17 Feb 27 06:29:51 pfSense login: login on ttyu0 as root Feb 27 06:29:51 pfSense sshlockout[15463]: sshlockout/webConfigurator v3.0 starting up Feb 27 06:29:58 pfSense sshd[18134]: Accepted keyboard-interactive/pam for root from x.x.x.x port 53707 ssh2 Feb 27 06:30:01 pfSense xinetd[14996]: Starting reconfiguration Feb 27 06:30:01 pfSense xinetd[14996]: Swapping defaults Feb 27 06:30:01 pfSense xinetd[14996]: readjusting service check_mk Feb 27 06:30:01 pfSense xinetd[14996]: Reconfigured: new=0 old=1 dropped=0 (services)</amd></aes-cbc,aes-xts,aes-gcm,aes-icm></sata></vendor></vendor></amd></amd></cool`n'quiet></isa></generic></isa></pci-isa></amd></ahci></ahci></amd></amd></encrypt></intel(r)></acpi></acpi></intel(r)></acpi></acpi></intel(r)></acpi></acpi></acpi></acpi></power></high></at></at></acpi></acpi></acpi></acpi></core></software></vt></version></version></core ></xsaveopt></bmi1></lahf,cmp,svm,extapic,cr8,abm,sse4a,mas,prefetch,osvw,ibs,skinit,wdt,topology,pnxc,dbe,ptsc,pl2i></syscall,nx,mmx+,ffxsr,page1gb,rdtscp,lm></sse3,pclmulqdq,mon,ssse3,cx16,sse4.1,sse4.2,movbe,popcnt,aesni,xsave,osxsave,avx,f16c></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,mmx,fxsr,sse,sse2,htt>

Output of the serial console:

FreeBSD/amd64 (pfSense.home) (ttyu0) pfSense - Netgate Device ID: 32d773046f502a8401b8 *** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfSense *** INTERNET (wan)  -> pppoe1    -> v4/PPPoE: x.x.x.x/32 LAN (lan)      -> igb1      -> 0) Logout (SSH only)                  9) pfTop 1) Assign Interfaces                10) Filter Logs 2) Set interface(s) IP address      11) Restart webConfigurator 3) Reset webConfigurator password    12) PHP shell + pfSense tools 4) Reset to factory defaults        13) Update from console 5) Reboot system                    14) Disable Secure Shell (sshd) 6) Halt system                      15) Restore recent configuration 7) Ping host                        16) Restart PHP-FPM 8) Shell Enter an option: 2 2 Available interfaces: 1 - INTERNET (pppoe1) 2 - LAN (igb1 - static) Enter the number of the interface you wish to configure: Enter the new LAN IPv4 address.  Press <enter>for none: > x.x.x.x Subnet masks are entered as bit counts (as in CIDR notation) in pfSense. e.g. 255.255.255.0 = 24     255.255.0.0  = 16     255.0.0.0    = 8 Enter the new LAN IPv4 subnet bit count (1 to 31): > 17 For a WAN, enter the new LAN IPv4 upstream gateway address. For a LAN, press <enter>for none: > Enter the new LAN IPv6 address.  Press <enter>for none: > Do you want to enable the DHCP server on LAN? (y/n) y Enter the start address of the IPv4 client address range: x.x.x.200 Enter the end address of the IPv4 client address range: x.x.x.250 Do you want to revert to HTTP as the webConfigurator protocol? (y/n) n Please wait while the changes are saved to LAN...ifa_maintain_loopback_route: insertion failed for interface igb1: 17 Reloading filter... Reloading routing configuration... DHCPD... The IPv4 LAN address has been set to x.x.x.x/17 You can now access the webConfigurator by opening the following URL in your webbrowser:                 https://x.x.x.x/ Press <enter>to continue.</enter></enter></enter></enter>

You can locate a partner in your area and ask there  https://www.netgate.com/partners/locator.html
or get a Gold Membership and start reading. Shouldn't be too hard if you know Cisco routers already.

@curtisgrice:

You would need to run a traceroute to the netalyzr.icsi.berkeley.edu testing host (not necessarily that address). from that you can look at the DNS ptr records (host names found by IP) to get a sense of where that is.

The address it reported could be an address in your ISPs network or just an IP on an interface on a router along the way.

Also try both ICMP and TCP traceroute as many transit routers cant be bothered to reply to a ICMP/UDP ping.

I have not tried the ICMP traceroot yet but have tried the TCP traceroot and unfortunately it was unrevealing as well. I do know now though that it is not coming from pfSense or my home network as I have removed pfsense from the network temporarily for testing. My configuration is now ISP > Modem/router > Testing PC.

@Grimson:

In that case you can also use an RPI2 or 3 to run the controller on. Maybe you have one collecting dust somewhere.

Running the controller on the pfSense OS can have unforseen issues when pfSense upgrades or a controller upgrade installs conflicting packets. If you absolutely need to run both on the same hardware I'd strongly agree with johnpoz, put each into it's own VM.

Good points there. Thanks. I don't have an RPI but I do have a Macbook that runs 24/7 so could use that. Also I have a QNAP NAS running 24/7 and I believe you can run the Unifi controller as a package or via a docker.

@Gertjan: sorry, yes i have two wan connections. i was referring to them as they are in the status/gateways and the gateway groups. i have one on tier 1, and the other on tier 2, so it should fail over (which it does). the problem is the gateway down notification. i never receive those, only gateway up notifications:

MONITOR: WANGW is available now, adding to routing group WAN_Group 8.8.8.8

@jimp: i'll set default gateway switching and if that doesnt help will try 2.4.3.

https://doc.pfsense.org/index.php/Why_are_some_passwords_stored_in_plaintext_in_config.xml

If you are worried about someone seeing the contents of config.xml, then they shouldn't have access to anything that can read config.xml.

"Normal" is, this :
A device - a PC - on your LAN, hook it up as when it came out of the box :

C:\Users\Réception-Gauche>ipconfig /all Configuration IP de Windows Carte Ethernet Connexion au réseau local :   Description. . . . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet   DHCP activé. . . . . . . . . . . . . . : Oui   Configuration automatique activée. . . : Oui   Adresse IPv6\. . . . . . . . . . . . . .: 2001:470:1f13:5c0:2::c6(préféré)   Bail obtenu. . . . . . . . . . . . . . : lundi 26 février 2018 06:45:20   Bail expirant. . . . . . . . . . . . . : lundi 26 février 2018 08:45:20   Adresse IPv6 de liaison locale. . . . .: fe80::75cd:7073:d0a4:bc7c%10(préféré)   Adresse IPv4\. . . . . . . . . . . . . .: 192.168.1.6(préféré)   Masque de sous-réseau. . . . . . . . . : 255.255.255.0   Bail obtenu. . . . . . . . . . . . . . : mercredi 14 février 2018 10:25:15   Bail expirant. . . . . . . . . . . . . : mardi 27 février 2018 06:45:19   Passerelle par défaut. . . . . . . . . : fe80::212:3fff:feb3:5875%10                                       192.168.1.1   Serveur DHCP . . . . . . . . . . . . . : 192.168.1.1   IAID DHCPv6 . . . . . . . . . . . : 246983791   DUID de client DHCPv6\. . . . . . . . : 00-01-00-01-14-20-18-E3-B8-AC-6F-47-2C-77   Serveurs DNS. . .  . . . . . . . . . . : 2001:470:1f13:5c0:2::1                                       192.168.1.1   NetBIOS sur Tcpip. . . . . . . . . . . : Activé

So, gateway and DNS are set to 192.168.1.1 - my pfSense. This isfo was given to my PC by pfSense.

pfSense : I never touched the DNS settings, use settings out of the box.
Set up my WAN connection using DHCP-clientso it obtains an IP from my upstream ISP router, and done.

My System => General Setup is pretty empty, I only set a host name and domain name for pfSense.
On  Status => Dashboard => Status => Dashboard says for DNS server(s) : 127.0.0.1

LAN firewall rule : a big pass all rule (TCP,UDP,ICMP,IPv4,IPv6)

That's it.

Actually, pfSense behaves exactly identical to any any other box that an ISP gives you : hook up to power, setup WAN, slide in a LAN cable and your online.
Never actually understood why people want something from 8.8.8.8 or 8.8.4.4 …  ;)

169.254.0.0 /16 is called APIPA (automatic private IP addressing) and not specific to an operating system.
https://wiki.wireshark.org/APIPA

@smegheed:

root /usr/local/bin/screen usr/local/bin/stunnel screen -dmS tunnel stunnel vpn.ssl ?

:o

Take your command and add the full path to binaries and (config) files. So:

screen -dmS tunnel stunnel vpn.ssl

becomes

/usr/local/bin/screen -dmS tunnel /usr/local/bin/stunnel /root/vpn.ssl

Note: Paths in the example above are just guessed, so make sure they are correct.

Also I'd advise to use the shellcmd and cron packages to configure this instead of messing with the config.xml by hand.

Thank you for the great discussion everyone. Lots of good info.

What is in the log?
With UPS not connected I see the same "Failed to retrieve status" on UPS Status page and lots of messages from upsd and upsmon in the log.
What is the part number of the cable you have? Something like 940-XXXX
Do you have the same software (NUT) on your web server where you tested your UPS?

Thanks!

#!/usr/local/bin/php -f # # Script to check the Version and print a Output in the Nagios-Plugin-Syntax # require("globals.inc"); require("config.inc"); require("functions.inc"); require_once("pkg-utils.inc"); $system_version = get_system_pkg_version(true, false); $iCheckExitCode = 3; if (!is_array($system_version) || !isset($system_version['version']) || !isset($system_version['installed_version'])) {         echo "Uknown - Error in version information";         exit( $iCheckExitCode ); }         switch ($system_version['pkg_version_compare']) {         case '<':                 echo "Critical -  Version " . $system_version['version'] . " is available.";                 $iCheckExitCode = 2;                 break;         case '=':                 echo "Ok - The system is on the latest versioni (" . $system_version['installed_version'] . ").";                 $iCheckExitCode = 0;                 break;         case '>':                 echo "Warning - The system is on a later version than official release.";                 $iCheckExitCode = 1;                 break;         default:                 echo "Unknown - Error comparing installed with latest version available";                 $iCheckExitCode = 3;                 break;         } exit( $iCheckExitCode ); ?>

So your using squid?  And blocking say www.facebook.com but they are getting through via https?

To give you the best solution some more context would be helpful.  Why are you wanting to block this, is this a work setting, home, school are you using proxy or squidguard currently, etc.

This is the current/correct code for that section:

// Gateway selector is populated by JavaScript updateGWselect() function $section->addInput(new Form_Select( 'gateway', 'Gateway', '', [] ))->setHelp('Leave as \'default\' to use the system routing table. Or choose a '. 'gateway to utilize policy based routing. %sGateway selection is not valid for "IPV4+IPV6" address family.', array(' ')); $group = new Form_Group('In / Out pipe');

I don't know why your system is not picking up the current version (2.3.6.a.20180223.0519) Try option 13 from the command line interface and see if that helps.

Thanks for doing that JohnPoz.

This is the answer I expected but I wanted to cover all the bases.

The issue is obviously something between what IISCrypto is showing and what the server is actually using.