Installation and Upgrades

• B

  Pkg.pfsense.org appears to be dead
  • basic612

  15
  0
  Votes
  15
  Posts
  8906
  Views

  P

  bonnie222, I have to agree with johnpoz.  You have something going on with your DNS configuration.  Have you checked your DNS settings to make sure you have a DNS server configured?  Can you successfully look up A records for sites like www.pfsense.org and files00.netgate.com.  If you can't do A record lookups you certainly aren't going to be able to do SRV record lookups. There is an option under 'System -> General Setup -> DNS Server Settings' that allows your ISP DHCP settings to override the local DNS server settings.  If you are using DHCP from your ISP and using their DNS servers make sure this is checked. This should not be unchecked unless you have your own DNS servers, you want to use different DNS servers (like google), or your ISP doesn't provide DNS via DHCP.  If the box is unchecked you have to manually configure DNS servers. If your box has Internet access to google's DNS servers you can test by using 8.8.8.8  as a DNS Server, uncheck 'DNS Server Override" and check the "Disable DNS Forwarder'.  This will skip using the pfSense box for DNS and go directly to Google's DNS server.  If this works then either your ISP isn't providing a DNS server via DHCP and you need to configure a DNS server manually or your own DNS server is filtering what you are allowed to resolve. Hope this helps.
• P

  HOW TO: 2.4.0 ZFS Install, RAM Disk, Hot Spare, Snapshot, Resilver Root Drive
  • pfBasic

  38
  0
  Votes
  38
  Posts
  20534
  Views

  S

  this topic is old but I think with fresh 2.4.4 installs there will be more if not all users doing ZFS and should be doing a mirror or 3way mirror. That leads to the question about the GUI interface to manage ZFS. Would it be easier for pfSense just to make a plugin for FreeNAS so the firewall can run as a IOCage jail? The IOCage jail could have 2 NIC's passed to it and now the FreeNAS would manage the ZFS complexity. On a side note the pfSense jail would be able to reboot in 1 second. :-) The other cool idea would be to have two pfSense IOCage jails so that you could run them in HA, patch and upgrade the secondary while the primary keeps running. I am doing this today with VMware ESXI but because pfSense is a VM it does not boot in 1 second like a jail...
• 

  2.3.x "Unable to check for updates"/"Unable to retrieve package information"
  • jimp

  3
  0
  Votes
  3
  Posts
  10292
  Views

  

  Please do not post other update failures to this thread, as they are highly unlikely to be related. Start new threads for different errors.
• C

  Gateway monitoring not working post-2.3 upgrade? Read here
  • cmb

  17
  0
  Votes
  17
  Posts
  14982
  Views

  I

  @cmb: If your gateway monitoring isn't working post-2.3 upgrade, it's likely one of two things. Verify advanced options are sane Browse to System>Routing and edit the gateway that's down. Then click Save. That will trigger the input validation that makes sure the configuration is valid, especially the advanced options. You may have had options set for apinger that are not valid for dpinger. If you get any errors upon saving, fix them, save, and apply changes. Set ping payload size Some modems have a bug that makes them drop pings with 0 byte payloads. dpinger uses a 0 byte payload by default because there isn't a need to include one and unnecessarily chew up bandwidth. If you have such a buggy upstream device, you'll need to set the payload to something greater than 0. System>Routing, edit the gateway, go to Advanced, and set payload to 1. Save and apply changes. Yes, it works again  ;D
• 

  Issues updating from 2.3-RC (or older 2.3 installs) to 2.3-RELEASE
  • jimp

  65
  0
  Votes
  65
  Posts
  62302
  Views

  W

  please check your pfsense date and time .
• R

  upgrade from 2.4.3 to 2.4.4 failed. no wan and no webui
  • rentul_netgate

  6
  0
  Votes
  6
  Posts
  126
  Views

  R

  Neither. It's a VM running on vSphere 6.x.
• T

  Upgrade from 2.2 to 2.4.4 was close but no cigar.
  • TrickyCharacter

  5
  0
  Votes
  5
  Posts
  50
  Views

  G

  Do you even have a multi WAN setup, and if not where does the Gateway 1 come from.
• N

  upgrade 2.4.3 to 2.4.4 changes bird behavior during filter reload
  • nocwvnet

  3
  0
  Votes
  3
  Posts
  30
  Views

  N

  Yes i know , but it's the only option to habe BGP with BFD support. It was working all the time - only this update break it. I'will have a look at the FRR package but i don't think BFD support is included thanks
• 

  Bad performance on new install
  • umademelosemyusernamepfsense

  8
  0
  Votes
  8
  Posts
  188
  Views

  

  There was a memory leak fixed in Unbound that I guess might have exhibited this. Maybe if it started swapping and got progressively worse. That should have been fairly evident though either on the pfSense dash or the VM performance graphs. Steve
• 

  Auto update check, checks for updates to base system + packages and sends email alerts
  • luckman212

  2
  2
  Votes
  2
  Posts
  25
  Views

  

  Needs more blinkenlight action! Steve
• C

  Upgrade from 2.3.5 to 2.4.4 borked PPoE connection with CenturyLink
  • chase

  8
  0
  Votes
  8
  Posts
  206
  Views

  

  @chase Fiber? Ive never had to use a VLAN in pfsense on Centurylink. My modem was set for 201 and in bridge mode. I was on bonded VDSL. I don't have that connection anymore so can't bring up the page to look either.. 1gbps up and down makes me ask my first question.. If that is the case your modem would be used as a router only and unless your using their VOIP or TV service you shouldn't even need it.
• I

  pfsense old version download
  • ishtiaqaj

  13
  0
  Votes
  13
  Posts
  279
  Views

  

  Yes, 2.3.X is End of Life. There will be no further security updates for it. https://www.netgate.com/blog/pfsense-release-2-3-x-eol-reminder.html Steve
• R

  Error saving Admin Access page
  • revengineer

  13
  0
  Votes
  13
  Posts
  264
  Views

  R

  @jimp Perfect, thank you for the details. My patch is set up to not auto re-apply after upgrading. So I am set this time. (In the past, I once reinstalled pfsense for good measures after forgetting to revert a patch because I was not sure about these details.)
• B

  AWS pfsense
  • benson

  1
  0
  Votes
  1
  Posts
  32
  Views

  No one has replied

• A

  Lost Lagg0 interface on XG-7100 when restoring configuration
  • ASlatius

  7
  0
  Votes
  7
  Posts
  41
  Views

  

  @aslatius said in Lost Lagg0 interface on XG-7100 when restoring configuration: Especially the user certificates for VPN which you could only get imported using a full restore. Yep, You're right. Certificates are a none or all thing.
• I

  Old old laptop to run as router
  • ianmc

  10
  0
  Votes
  10
  Posts
  104
  Views

  

  @ianmc said in Old old laptop to run as router: Does anyone have any positive at all to say about a post. So what is I want to use an old version. If working then may consider a dedicated machine at a later time with an updated version of pfsense. If this is what to expect from asking genuine questions the software then maybe I could give it a miss. True. But, why are you waiting ? Install pfSense on it right now. It can be done in a couple of minutes. But keep in mind : pfSense is based on FreeBSD, it uses actually has a recent 11.2 kernel - and as you know : your PC might run (== accept) some Windows versions - but other OS's ? These devices are known to be very picky. FreeBSD might not recognize your Wifi NIC : test this first ! No one on this forum could predict the results. Still : no one can remembers what worked with your device (10 years ago) with what software. And keep in mind that the "32 bits" game is over very soon - this isn't a pfSense rule. Apple and Microsoft decides the same thing already years ago.
• G

  PfSense boot skipping optical drive
  • GeekBoyMN

  6
  0
  Votes
  6
  Posts
  85
  Views

  G

  Thanks for the help but I decided to just stick to the working installation. I thought it would be simple to install a fresh PfSense to a different hard drive compared to jumping through extra hoops to clone it, not expecting this crazy problem. At some point later I'll clear CMOS and try again but the current drive is fine so it isn't a major priority.
• R

  2.3.4->2.4.4 Upgrade 100% Packet Loss on WAN Interface
  • rjarratt

  13
  0
  Votes
  13
  Posts
  297
  Views

  

  @rjarratt said in 2.3.4->2.4.4 Upgrade 100% Packet Loss on WAN Interface: gateway IP is in the same subnet as the leased IP address. And this is public IP or private IP?? This is a VM right... Are we sure interfaces are not moving about and changing order on update? If your pfsense can not talk to your gateway your going to have a problem. Your gateway and public IP should be the same when on 2.3.4 as it is when you upgrade... I do not see your mac changing on your vm... So if you can ping your gateway when your on 2.3.4 and not when on 2.4.4 something really odd is going on..
• N

  Update 2.4.3p1 to 2.4.4 Fails
  • neiltiffin

  6
  0
  Votes
  6
  Posts
  211
  Views

  N

  Updating using the command line seemed to partially work. Now it says no packages installed. Have not tried to install packages, just happy to finally get it partially working again. Summary for those of you at home, don't plan on UI updates working. Frustrated Neil
• T

  Restoring 2.3.4 Backup to 2.4.4: Interface Mismatch and hang . . . .
  • TheWaterbug

  9
  0
  Votes
  9
  Posts
  203
  Views

  T

  @thewaterbug said in Restoring 2.3.4 Backup to 2.4.4: Interface Mismatch and hang . . . .: now I can import the old Backup with no errors. Once I disable the Gateway, it will boot normally at full speed. Victory! I restored my 2.3.4 config to the MBT-2220 as described, replaced the APU2 unit, and un-disabled the WAN gateway. Everything is working as expected, and my IPSec tunnels came up immediately. I had about 5 minutes of downtime. Now I can do a clean install of 2.4.4 on the APU2, use that to replace the other APU2, reinstall on that one, and then use it to replace my obsolete m1n1wall/Alix unit. Thanks for all the help!
• L

  DNS issues after upgrading from 2.4.3 to 2.4.4
  • luas

  35
  0
  Votes
  35
  Posts
  612
  Views

  

  You can set Ubounds log level in the advanced tab. If you set it to level 3 or higher you can see the queries made against it so you would see whatever it is resolving initially. Steve
• D

  What ip addresses I should use for pfsense installation in virtualbox with 1 physical nic
  • dhoom

  7
  0
  Votes
  7
  Posts
  123
  Views

  D

  I had to disable the pf via shell and then use wan ip to configure it. after the reboot I was able to connect to 10.x.x.x via lan vm browser. Thanks for the help.
• G

  fatal error - cannot restore 2.4.2 backup in 2.4.4
  • goodthings

  7
  0
  Votes
  7
  Posts
  179
  Views

  W

  This just happened to me too. Exact same issue. I consoled into the device, removed the <phase1></phase1/> line, and was good to go. The next release being? (it looks like 2.4.4-p1)....do you know when they release this? I do not think I ever configured ipsec for this router, do you know how the phase1 line got in there?
• A

  Restore config backup on XG7100 gives "The configuration could not be restored"
  • ASlatius

  8
  0
  Votes
  8
  Posts
  59
  Views

  A

  Applied the patch (verified it on the filesystem) but the download still contains the script tag.
• M

  2.4.4 Install failed
  • Marc1701

  11
  0
  Votes
  11
  Posts
  309
  Views

  C

  @marc1701 hey marc, I am so happy to find you as I have the same exact J1900 celeron I just wanted to chime in, I was also experiencing the same issue as you, it would get stuck at boot when going from 2.3x to 2.4x, I followed your instructions and chose kernel.old (option 5) twice, the second time it booted in to 2.4.4-RELEASE , I cannot express my gratitude for your words on this forum you don't understand how much headache you have saved me, thank you so much!
• R

  Restore a new ZFS install from a config file made on a UFS install
  • RickyBaker

  7
  0
  Votes
  7
  Posts
  184
  Views

  R

  I'm a glutton for punishment so I'll probably give it a try;)
• 

  Odd ESXi / pfSense 2.4.4 iso mount problem
  pfsense osnotfound esxi6.7 • • randomeclipse

  2
  0
  Votes
  2
  Posts
  79
  Views

  

  I assume this was resolved in the other thread? Steve
• D

  using a backup on another appliance?
  • detox

  2
  0
  Votes
  2
  Posts
  57
  Views

  

  Yes to both questions. You can also restore a backup between different hardware types and between factory and community versions though there are some caveats there. https://www.netgate.com/docs/pfsense/backup/index.html Steve
• D

  Issue with setting up interfaces on virtualized instance of Pfsense
  • dum258

  5
  0
  Votes
  5
  Posts
  72
  Views

  

  What is the exact error your getting.. Out of the box it will by default have 192.168.1.1 on the lan..
• A

  config.xml during initial install - in vmware? [SOLVED]
  • avantsysadm

  11
  0
  Votes
  11
  Posts
  139
  Views

  A

  @stephenw10 said in config.xml during initial install - in vmware?: If attach a second fat32 formatted virtual drive it doesn't pull a config file from that? Or just that isn't a practical option? Steve I finally got it working this afternoon! At present, you must attach a second virtual hard drive, MBR-formatted (not GPT), with a FAT filesystem on it. I couldn't tell if the installer was picking up the config file or if ECL was picking it up, so I placed a copy of config.xml in both /conf and /config to cover all my bases. On macOS, I did the following: export config.xml (WITH RRD data) from existing firewall run these commands locally on your macbook with both qemu and VMware Fusion installed: dd if=/dev/zero of=ECL.img bs=1024k count=100 D=$( hdiutil attach -noMount ECL.img ) diskutil eraseDisk MS-DOS ECL MBR ${D} mkdir -p /Volumes/ECL/conf /Volumes/ECL/config cp ~/Downloads/config*.xml /Volumes/ECL/config.xml cp ~/Downloads/config*.xml /Volumes/ECL/conf/config.xml cp ~/Downloads/config*.xml /Volumes/ECL/config/config.xml diskutil eject ${D} hdiutil detach ${D} qemu-img convert -f raw -O vmdk -o subformat=monolithicSparse -S 1 ECL.img ECL.vmdk /Applications/VMware\ Fusion.app/Contents/Library/vmware-vdiskmanager -d ECL.vmdk /Applications/VMware\ Fusion.app/Contents/Library/vmware-vdiskmanager -k ECL.vmdk • upload the resulting ECL.vmdk file to VMware at OVH • add it as a second hard disk to the new pfSense VM • shut down the old pfSense VM • boot the new pfSense VM into the installer, off the ISO image • install pfSense • it will automatically pick up the config file from the 2nd hard disk • test that the firewall works • RE-UPLOAD the config.xml file to the firewall manually (this will restore the RRD data) • shutdown the firewall (instead of rebooting) • remove the 2nd hard disk • power it back on (WARNING: those are notes-in-progress, don't just blindly paste that in anywhere!) FWIW, the last error I made was copying the downloaded config.xml file in as-is without renaming it back to simply "config.xml". -Adam
• P

  New Version 2.4.4 - Interface Error --> aq_add_macvlan err -53, aq_error 14
  • peterfranca

  17
  0
  Votes
  17
  Posts
  494
  Views

  

  Does is have something to do with the older "error" in this thread that mentioned the problem would be gone with a further driver update? Could this be related to a newer driver or driver changes to ixl on FreeBSD 11.2 perhaps? https://communities.intel.com/thread/103549 Otherwise the VLANs came up alright, what I did see was CARP on those VLAN interfaces somewhat "jittery". If you refresh CARP status on both nodes, you could see the them switching master roles very very shortly but noticable for a second. After witnessing this, I rebooted both nodes. After a bit of research this weekend I found this thread and tried salvaging the reboot log from those boxes: Nov 2 15:48:06 kernel done. Nov 2 15:48:05 php-cgi rc.bootup: Configuring CARP settings finalize... Nov 2 15:48:05 php-cgi rc.bootup: pfsync done in 0 seconds. Nov 2 15:48:05 php-fpm 334 /rc.carpbackup: HA cluster member "(192.168.91.4@ixl0.91): (V091_PHONE)" has resumed CARP state "BACKUP" for vhid 4 Nov 2 15:48:05 php-fpm 334 /rc.carpbackup: HA cluster member "(192.168.82.4@ixl0.82): (V082_BZD)" has resumed CARP state "BACKUP" for vhid 4 Nov 2 15:48:05 php-fpm 334 /rc.carpbackup: HA cluster member "(192.168.80.4@ixl0.80): (V080_HNR)" has resumed CARP state "BACKUP" for vhid 4 Nov 2 15:48:05 php-cgi rc.bootup: waiting for pfsync... Nov 2 15:48:05 php-fpm 335 /rc.carpbackup: HA cluster member "(192.168.95.4@ixl0.95): (V095_ADMIN)" has resumed CARP state "BACKUP" for vhid 4 Nov 2 15:48:05 php-fpm 334 /rc.carpbackup: HA cluster member "(10.0.0.4@ixl0.10): (V010_VERWA)" has resumed CARP state "BACKUP" for vhid 4 Nov 2 15:48:04 kernel carp: 4@ixl0.91: INIT -> BACKUP (initialization complete) Nov 2 15:48:04 kernel ixl0.91: promiscuous mode enabled Nov 2 15:48:04 check_reload_status Carp backup event Nov 2 15:48:04 kernel carp: 4@ixl0.82: INIT -> BACKUP (initialization complete) Nov 2 15:48:04 kernel ixl0.82: promiscuous mode enabled Nov 2 15:48:04 check_reload_status Carp backup event Nov 2 15:48:04 kernel carp: 4@ixl0.80: INIT -> BACKUP (initialization complete) Nov 2 15:48:04 kernel ixl0.80: promiscuous mode enabled Nov 2 15:48:04 check_reload_status Carp backup event Nov 2 15:48:04 kernel carp: 4@ixl0.10: INIT -> BACKUP (initialization complete) Nov 2 15:48:04 kernel ixl0.10: promiscuous mode enabled Nov 2 15:48:04 kernel carp: demoted by 240 to 720 (interface down) Nov 2 15:48:04 kernel igb4: promiscuous mode enabled Nov 2 15:48:04 kernel carp: demoted by 240 to 480 (interface down) Nov 2 15:48:04 kernel igb0: promiscuous mode enabled Nov 2 15:48:04 check_reload_status Carp backup event Nov 2 15:48:04 kernel carp: 4@ixl0.95: INIT -> BACKUP (initialization complete) Nov 2 15:48:04 kernel ixl0.95: promiscuous mode enabled Nov 2 15:48:04 kernel ixl0: promiscuous mode enabled Nov 2 15:48:04 kernel carp: demoted by 240 to 240 (interface down) Nov 2 15:48:04 kernel igb1: promiscuous mode enabled Nov 2 15:48:04 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:04 check_reload_status Carp backup event Nov 2 15:48:04 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:04 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:04 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:04 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:04 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:04 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:04 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:04 kernel done. Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 kernel done. Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 kernel vlan4: changing name to 'ixl0.95' Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 syslogd Logging subprocess 11242 (exec /usr/local/sbin/sshguard) exited due to signal 15. Nov 2 15:48:03 sshd 10982 Server listening on 0.0.0.0 port 22. Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 sshd 10982 Server listening on :: port 22. Nov 2 15:48:03 kernel vlan3: changing name to 'ixl0.91' Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:03 kernel vlan2: changing name to 'ixl0.82' Nov 2 15:48:03 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:02 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:02 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:02 kernel vlan1: changing name to 'ixl0.80' Nov 2 15:48:02 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:02 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:02 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:02 kernel ixl0: aq_add_macvlan err -53, aq_error 14 Nov 2 15:48:02 kernel vlan0: changing name to 'ixl0.10' Nov 2 15:48:02 kernel device_attach: est3 attach returned 6 Nov 2 15:48:02 kernel est: cpu_vendor GenuineIntel, msr 211200002200 Nov 2 15:48:02 kernel est: CPU supports Enhanced Speedstep, but is not recognized. Nov 2 15:48:02 kernel est3: <Enhanced SpeedStep Frequency Control> on cpu3 Nov 2 15:48:02 kernel coretemp3: <CPU On-Die Thermal Sensors> on cpu3 (log is newest on top) Seems to me that assigning and renaming the VLANs somehow triggers that error, too.
• Z

  Problem Installation pfSense in DELL poweredge R610 PERC H200i
  • zorglub

  5
  0
  Votes
  5
  Posts
  135
  Views

  Z

  Hi, Thanks for your answers, I suspected it. I will think about an other solution.
• V

  Hanging on Boot
  • vashidu

  13
  0
  Votes
  13
  Posts
  1918
  Views

  

  Three years ago - you just resurrected a three ( 3 !) years old thread, FreeBSD 11.2 didn't exist. This thread isn't about FreeBSD 11.2 and taks about an ancient pfSense version 2.2.3. Admin's: please lock this thread.
• J

  2.4.4 fails upgrade and fresh installation
  • jbhowlesr

  10
  0
  Votes
  10
  Posts
  587
  Views

  

  Looking at the actual error you're seeing you might also try: hint.sdhci_pci.1.disabled=1 Steve
• Z

  upgrade to 2.4.4 failed.
  • zMaliz

  6
  0
  Votes
  6
  Posts
  126
  Views

  Z

  Thanks, I've not noticed any errors so hopefully all is good :)
• B

  Is it possible to configure php-fpm to listen on localhost:9000 (IP:PORT) instead of socket in Pfsense?
  • Bablu Kare

  24
  0
  Votes
  24
  Posts
  201
  Views

  

  You might try increasing the available php process in System > Advanced > Admin Access. Set max processes to something higher, try 4 to start. However is something is hanging the available php processes this may only delay the errors. Steve
• M

  2.4.3 hardware support C3000 SoC
  • MarvinFS

  8
  0
  Votes
  8
  Posts
  934
  Views

  

  Altq support had to be disabled for ixgbe as it was causing kernel panics: https://redmine.pfsense.org/issues/7378 It looks, from that ticket, like it would require a kernel module building with altq enabled. Which it looks like you may already be doing. And then driver adding back into the list to allow the gui to create queues on it. If you wanted to test it again. Steve
• M

  Newbie to pfsense, got typo in WAN host name How to fix?
  pfsense • • markp4289

  28
  0
  Votes
  28
  Posts
  199
  Views

  

  Get it in where?? Not sure why you think you need a WAN IP to resolve to something in your arp table for vpn clients to connect to you? I am thinking you still don't quite grasp what a PTR or reverse is... Your vpn.domain.tld resolves to IP.242 address.
• J

  Encrypted traffic randomly fails after upgrading from 2.4.3_p1 to 2.4.4
  https 2.4.4 ssl errsslinterfe • • Jay2

  4
  0
  Votes
  4
  Posts
  140
  Views

  

  I would definitely check the actual interface MTU. If you have any options set there it removes the default dhclient settings and adds the custom values and that removes supersede interface-mtu 0 which otherwise prevents the bad MTU value. https://redmine.pfsense.org/issues/8507 You can add that back in the option modifiers field in 2.4.4. if you need any other advanced options. I would definitely set a default gateway if none is set there. Steve
• M

  Newbie to pfsense, Firewall not forwarding any tcp traffic!!
  pfsense • • markp4289

  10
  0
  Votes
  10
  Posts
  79
  Views

  M

  modem reboot solved the problem thankyou very much for your help!! this is the traceroute from inside the firewall. 0_1540757854627_Traceroute from inside after modem reboot Document.txt