Installation and Upgrades

• B

  Pkg.pfsense.org appears to be dead
  • basic612  

  15
  0
  Votes
  15
  Posts
  13342
  Views

  P

  bonnie222, I have to agree with johnpoz.  You have something going on with your DNS configuration.  Have you checked your DNS settings to make sure you have a DNS server configured?  Can you successfully look up A records for sites like www.pfsense.org and files00.netgate.com.  If you can't do A record lookups you certainly aren't going to be able to do SRV record lookups. There is an option under 'System -> General Setup -> DNS Server Settings' that allows your ISP DHCP settings to override the local DNS server settings.  If you are using DHCP from your ISP and using their DNS servers make sure this is checked. This should not be unchecked unless you have your own DNS servers, you want to use different DNS servers (like google), or your ISP doesn't provide DNS via DHCP.  If the box is unchecked you have to manually configure DNS servers. If your box has Internet access to google's DNS servers you can test by using 8.8.8.8  as a DNS Server, uncheck 'DNS Server Override" and check the "Disable DNS Forwarder'.  This will skip using the pfSense box for DNS and go directly to Google's DNS server.  If this works then either your ISP isn't providing a DNS server via DHCP and you need to configure a DNS server manually or your own DNS server is filtering what you are allowed to resolve. Hope this helps.
• P

  HOW TO: 2.4.0 ZFS Install, RAM Disk, Hot Spare, Snapshot, Resilver Root Drive
  • pfBasic  

  42
  0
  Votes
  42
  Posts
  25808
  Views

  K

  So is there still no "official" way to have all files in the disk to be included with the 2-copies scheme of set (when "zfs set copies=2 zroot" is set) after installation? I can't find anything in the Internet that answers this.
• 

  2.3.x "Unable to check for updates"/"Unable to retrieve package information"
  • jimp  

  3
  0
  Votes
  3
  Posts
  11217
  Views

  

  Please do not post other update failures to this thread, as they are highly unlikely to be related. Start new threads for different errors.
• C

  Gateway monitoring not working post-2.3 upgrade? Read here
  • cmb  

  17
  0
  Votes
  17
  Posts
  16396
  Views

  I

  @cmb: If your gateway monitoring isn't working post-2.3 upgrade, it's likely one of two things. Verify advanced options are sane Browse to System>Routing and edit the gateway that's down. Then click Save. That will trigger the input validation that makes sure the configuration is valid, especially the advanced options. You may have had options set for apinger that are not valid for dpinger. If you get any errors upon saving, fix them, save, and apply changes. Set ping payload size Some modems have a bug that makes them drop pings with 0 byte payloads. dpinger uses a 0 byte payload by default because there isn't a need to include one and unnecessarily chew up bandwidth. If you have such a buggy upstream device, you'll need to set the payload to something greater than 0. System>Routing, edit the gateway, go to Advanced, and set payload to 1. Save and apply changes. Yes, it works again  ;D
• 

  Issues updating from 2.3-RC (or older 2.3 installs) to 2.3-RELEASE
  • jimp  

  65
  0
  Votes
  65
  Posts
  67546
  Views

  W

  please check your pfsense date and time .
• S

  High CPU usage after update from 2.3.4 to 2.4.0
  • stevebaynet  

  5
  0
  Votes
  5
  Posts
  50
  Views

  

  Probably this: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215471 Try removing the virtual cd drive. Steve
• C

  Factory reset from Shell (Single User Mode)
  • chrisarm  

  5
  0
  Votes
  5
  Posts
  45
  Views

  

  On install of OS you have options to recover config.xml from previous install before format drive. FYI: now you can auto backup config for free out of box to netgate servers in encrypted way. Or if you have paranoid you can use curl script to download backups on another unix-based machine internally.
• A

  One interface loses internet access and I could get it back only after reboot the pfsense
  • ady2  

  23
  0
  Votes
  23
  Posts
  420
  Views

  P

  I have a similar kind of issue. Once you find the solution let me know by posting here.
• P

  2.3.5 on HP T610 Plus
  • Presbuteros  

  11
  0
  Votes
  11
  Posts
  70
  Views

  P

  I completed the install with pfSense-CE-memstick-2.4.4-RELEASE-p3-amd64.img I put the Allied Telesis 2711FX back in and it goes back into a panic. Seems others have run into no support for this card in freebsd. http://freebsd.1045724.x6.nabble.com/12-STABLE-CURRENT-Dell-PowerEdge-2950-Allied-Telesis-AT-2711FX-SC-100MBit-fibre-NIC-not-recognized-td6328982.html
• O

  random sources feed: rs_read for hardware device 'intel secure' key ring" returned no entropy
  • ozlecz  

  8
  0
  Votes
  8
  Posts
  23
  Views

  N

  @NogBadTheBad said in random sources feed: rs_read for hardware device 'intel secure' key ring" returned no entropy: Anything in the BIOS that can be switched off for the Intel secure key ring / random number generator ? https://software.intel.com/en-us/blogs/2012/05/14/what-is-intelr-secure-key-technology You may be better looking in the FreeBSD forums, I'm not sure if pfSense even uses the Intel RNG maybe @jimp or someone else from @netgate
• K

  odd issue with ram?
  • killmasta93  

  13
  0
  Votes
  13
  Posts
  145
  Views

  

  @biggsy said in odd issue with ram?: @bmeeks Thanks for the link. I think I get what it's all about. Just found it strange that both topics seemed to be about memory shortage under two different hypervisors. I found precious little information about that specific error. In fact, practically nothing. I did see SRAT issues mentioned for ESXi and Hyper-V, though. It might take looking into some hypervisor source code to see what the error really means. Hopefully such code is commented enough that you could discern what might be up.
• E

  Asrock Q1900M install
  • enigmen  

  11
  0
  Votes
  11
  Posts
  86
  Views

  E

  I connected hdd to another motherboard and the system booted. I made the setting and returned hdd to q1900m. Now I go through web interface
• H

  Intel 10G "aq_error 14" did anyone find a fix for 2.4.4.p3?
  • Hass  

  2
  0
  Votes
  2
  Posts
  64
  Views

  H

  Just a heads up we moved the LAGG to an Intel X550-T2 and this appears to have removed (dodged) the issue
• R

  Pfsense Install on Nokia IP390
  • RBT-RS  

  118
  0
  Votes
  118
  Posts
  18922
  Views

  P

  there are 3 LED related functions in the Check Point kernel ... janus_pld_red_led_set (Bit 0x01) janus_pld_yellow_led_set (Bit 0x02) janus_pld_green_led_set (Bit 0x08) they write to port 0x348 ... this seems to be the Altera MAX II chip (PLD) next to the diag display btw: the PLD also monitors powersupply status ... and there are 4 LED related functions for 'Phalanx PLD' ... phalanx_pld_red_led_set phalanx_pld_yellow_led_set phalanx_pld_green_led_set phalanx_pld_disk_led_set ***** this might be the explanation for the 'missing' led on the frontpanel PCB (Bit 0x04 is assume) hope this helps - sorry for the late reply ;) /paketix
• C

  Connecting PON Modem to PFSense has very high latency
  • cinlung  

  2
  0
  Votes
  2
  Posts
  33
  Views

  

  @cinlung said in Connecting PON Modem to PFSense has very high latency: FO PON modem directly conect a pc on port 1 of your pon modem a do a test, more likely is a ISP problem
• B

  pfsense restarts everyday
  • bokikay  

  5
  0
  Votes
  5
  Posts
  93
  Views

  B

  @Renat hello sir thanks for this thread it help me a lot. I have to observed this machine if error still exists. Thumbs up! ;) AMD A6-6400K APU with Radeon(tm) HD Graphics 2 CPUs: 1 package(s) x 2 core(s) AES-NI CPU Crypto: Yes (inactive) I have 1 NIC card attached on my machine. Winyao E350T4 PCI-E X1 Quad Port 10/100/1000Mbps Gigabit Ethernet Network Card Server Adapter LAN I350-T4 NIC This is the specs the NIC card having 4 ports. I hope that the error be fixed. ;)
• E

  pfSense 2.4.4-p3 in boot loop - VM Hyper-V
  • Erly Araújo  

  5
  0
  Votes
  5
  Posts
  36
  Views

  

  @Erly-Araújo it was on older version of pfsense https://www.netgate.com/blog/pfsense-2-4-1-release-now-available.html
• J

  Unable to check for updates
  • juliansamuel  

  9
  0
  Votes
  9
  Posts
  88
  Views

  

  "Truncated ELF file" => standard OS commands are unreadable. Leave the disk as is. Salvage config.xml Reboot using a install device and install from scratch. When you are asked to format the destination drive, do no go for quick one, but chose the non-default total format with check (I didn't re install pfSense on a physical disk, mine just wont die after nearly 10 years ...)
• Y

  2.4.4 upgrade to 2.5
  • yon 0  

  12
  0
  Votes
  12
  Posts
  553
  Views

  

  https://forum.netgate.com/topic/146189/crash-report-after-update
• B

  Restoring simple configuration from RCC-VE 2440 on new XG-7100
  • bdr  

  3
  0
  Votes
  3
  Posts
  51
  Views

  B

  Thanks for the reply, but I think I got it all set and figured out. After reading about the XG-7100's setup, I created VLANs for each of my LANs with the one LAGG, and then reassigned the interfaces to the new VLANs. Everything is all good now.
• J

  Locked out of WebGUI
  • jdeloach  

  3
  0
  Votes
  3
  Posts
  68
  Views

  J

  @kiokoman said in Locked out of WebGUI: from the console using option 15 15) Restore recent configuration or you can try pkg delete pfSense-pkg-darkstat-3.1.3_4 you probably have to manually delete all reference to darkstat from the xml config later or reinstall everything Thanks for your help. I actually had tried that but only tried reinstalling the backup prior to installing Darkstat. What I didn't notice was that it had, for some reason, installed Darkstat about 4 times in a row. So I restored a configuration from last week and it worked and let me have access to the WebGUI. This seems like a weird happening. I then restored a local backup and everything appears to be working again. I installed Darkstat again it appears to be working as well.
• J

  Locked out of WebGUI
  • jdeloach  

  1
  0
  Votes
  1
  Posts
  22
  Views

  No one has replied

• 

  Installed packages to be REMOVED
  • Bismarck  

  10
  0
  Votes
  10
  Posts
  81
  Views

  

  uhm 1.7.11 was my doing, a trivial patch to permit uppercase name for the tabs on status monitoring https://github.com/pfsense/FreeBSD-ports/pull/662 idk but i don't think it can't be that I just ran the same commands on my 2.4.4-p3 and i had same results of @Gertjan. so all fine here
• K

  ZFS installation ahcich.0 timeout error
  • kakaru  

  1
  0
  Votes
  1
  Posts
  20
  Views

  No one has replied

• Z

  Unable to log into admin account after upgrade
  • zacko11288  

  7
  0
  Votes
  7
  Posts
  68
  Views

  Z

  @stephenw10 That is a perfect temporary solution for us! Now I can at least get back into my LDAPS and user configs. Thanks! I'm going to do some testing in our non production environment and see if I get get things syncing again. Thanks for your help with this
• P

  Pfsense on nvme ssd: ZFS vs UFS
  • pfsensenoobie  

  2
  0
  Votes
  2
  Posts
  83
  Views

  J

  @pfsensenoobie You need more than 4GB RAM in order to enjoy zfs's file caching. I have three pfSense boxes running with zfs and M.2 stripes. No problems so far. I think the greatest advantage of zfs is that you don't have to think about how you want to partition the drive. In case of heavy storms, one cannot exclude the risks due to induction damages caused by lightning...
• K

  Upgrade from 2.4.4 -> 2.5 no networking
  • kraduk  

  11
  0
  Votes
  11
  Posts
  207
  Views

  K

  @Derelict Not at all, this is a preproduction test environment, but it does have other users, that kind of test things so uptime during business hours is still as important, but not critical. Most individuals test environments are virtual, so this issue hand not being picked up due to it being hardware based.
• 4

  This topic is deleted!
  • 4howcrack  

  1
  0
  Votes
  1
  Posts
  6
  Views

  No one has replied

• Y

  pf 2.5 DHCPv6 Server and Router Advertisements
  • yon 0  

  3
  0
  Votes
  3
  Posts
  59
  Views

  Y

  @kiokoman yeah, i see the post now. why long time not fixed it?
• L

  [solved] Issues with pfsense as KVM VM
  • lbm_  

  5
  0
  Votes
  5
  Posts
  49
  Views

  L

  @viragomann Thank you so much again. Everything is working, after disabling the hardware checksum offload. :)
• Y

  PFSense & VLANs
  • Yamyam48  

  6
  0
  Votes
  6
  Posts
  123
  Views

  

  It depends on how you configure the hypervisor interface. Unless you put VLAN 4095 on it the guest will see an interface with untagged traffic on the configured vswitch VLAN.
• 

  Manual reinstall of addon packages after upgrade
  • rmaeder  

  3
  0
  Votes
  3
  Posts
  206
  Views

  

  @KOM but this reinstalls all installed packages, doesn't it? I only need the missing ones.
• D

  pfsense on APU won't boot any more after upgrade
  • doejohn  

  6
  0
  Votes
  6
  Posts
  80
  Views

  J

  With HPA you can hide memory from your operating system to over-provision the memory and increase its lifetime. It looks to me that your SSD indeed got bricked. Even if you can get it to work again (e.g. reflash its firmware if that is even possible with that specific drive) I would not use it again for anything critical like a router. I do not believe this happened due to a bug in pfsense. Updates are just very "hard" on disks compared to normal routing operation, so it could really just be a coincidence it broke during the update.
• M

  Help with for booting to safe mode ALWAYS
  • mateckz  

  6
  0
  Votes
  6
  Posts
  73
  Views

  

  Ok, but what are you actually doing to get into 'safe mode' currently?
• T

  2 pfsense devices -> BT Openreach Modem
  • templateunheard  

  6
  0
  Votes
  6
  Posts
  66
  Views

  

  Have you unlocked the modem or replaced it's firmware? The second Ethernet port is not normally active on Openreach modems. Is it still running in modem mode? The only way you could connect two pfSense devices to the modem is if it's running as a router. In the default modem mode you use a PPPoE session from pfSense and you can't create two PPPoE sessions. You should use just one pfSense box behind the modem connected via PPPoE and have two subnets on separate interfaces behind that. You can that have them fully isolated or allow connectivity between them as required. Steve
• J

  Pfsense newbie looking for advice/help setting up new system
  • JoJa15  

  2
  0
  Votes
  2
  Posts
  101
  Views

  

  This guide will get you going on how to create the VLANs you want. https://docs.netgate.com/pfsense/en/latest/book/vlan/pfsense-vlan-configuration.html You can then create firewall rules on each interface to restrict access outbound. By default, only the LAN interface gets a Default Allow rule that passes all traffic from LAN to anywhere. All other interfaces, ie your VLANs, will require at least one rule added in order for them to talk. I would stick with pfB instead of pihole as you then only have one device to worry about, and if pfSense goes down then you have bigger fish to fry then adblocking, ha! Bandwidth monitoring can be done with ntop or lightsquid, depending on if you want all traffic or just http/s. Youtube Video You can do scheduling with pfSense but the interface is a little clunky, and you're limited to 15 minute intervals IIRC. You create a schedule and then create a firewall rule and link to it.
• Y

  One printer, two networks
  • YannickBon  

  5
  0
  Votes
  5
  Posts
  80
  Views

  

  Devices can be found by broadcast on the local subnet, but that won't cross a router. I suspect that you will have to manually add the printer because it can't be found via auto-discovery.
• P

  giant locked - atkbd0
  giant locked • • pfsenseuser12  

  5
  0
  Votes
  5
  Posts
  59
  Views

  

  No idea at this point. I would check for firmware/BIOS updates for your board if you haven't already done so. Also, you might want to check out pfSense 2.5-devel which is based on FreeBSD 12 I believe. Not for production use, but seems to work pretty well. https://www.pfsense.org/snapshots/
• D

  2.2.6 to 2.4.4
  • davidthomas  

  6
  0
  Votes
  6
  Posts
  50
  Views

  

  @davidthomas said in 2.2.6 to 2.4.4: Sorry it was implicit for me. The other way for me : never worked with "LDAP" .... But : important your settings, thena debug / test drive with the help of te https://docs.netgate.com/pfsense/en/latest/usermanager/ldap-troubleshooting.html and there is also a video about Netgate => pfSense on Youtube.
• P

  New SG3100 Stuck in boot loop
  • pmckenna11  

  6
  0
  Votes
  6
  Posts
  89
  Views

  P

  @johnpoz HOLY CRAP!!!!!! No idea why I didn't see it. I just don't think I ever scrolled down for some reason. Visited the page multiple times... Anyway thanks for the help!