Installation and Upgrades

• B

  Pkg.pfsense.org appears to be dead
  • basic612  

  15
  0
  Votes
  15
  Posts
  17558
  Views

  P

  bonnie222, I have to agree with johnpoz.  You have something going on with your DNS configuration.  Have you checked your DNS settings to make sure you have a DNS server configured?  Can you successfully look up A records for sites like www.pfsense.org and files00.netgate.com.  If you can't do A record lookups you certainly aren't going to be able to do SRV record lookups. There is an option under 'System -> General Setup -> DNS Server Settings' that allows your ISP DHCP settings to override the local DNS server settings.  If you are using DHCP from your ISP and using their DNS servers make sure this is checked. This should not be unchecked unless you have your own DNS servers, you want to use different DNS servers (like google), or your ISP doesn't provide DNS via DHCP.  If the box is unchecked you have to manually configure DNS servers. If your box has Internet access to google's DNS servers you can test by using 8.8.8.8  as a DNS Server, uncheck 'DNS Server Override" and check the "Disable DNS Forwarder'.  This will skip using the pfSense box for DNS and go directly to Google's DNS server.  If this works then either your ISP isn't providing a DNS server via DHCP and you need to configure a DNS server manually or your own DNS server is filtering what you are allowed to resolve. Hope this helps.
• P

  HOW TO: 2.4.0 ZFS Install, RAM Disk, Hot Spare, Snapshot, Resilver Root Drive
  • pfBasic  

  44
  0
  Votes
  44
  Posts
  29511
  Views

  K

  @scurrier said in HOW TO: 2.4.0 ZFS Install, RAM Disk, Hot Spare, Snapshot, Resilver Root Drive: @kevindd992002 did you ever find an answer to this? I want to rebuild my system with zfs for more robustness and copies=2 would be some nice additional protection on my single SSD system. Not really. No one from this thread seems to want to talk about this further :(
• 

  2.3.x "Unable to check for updates"/"Unable to retrieve package information"
  • jimp  

  3
  0
  Votes
  3
  Posts
  11751
  Views

  

  Please do not post other update failures to this thread, as they are highly unlikely to be related. Start new threads for different errors.
• C

  Gateway monitoring not working post-2.3 upgrade? Read here
  • cmb  

  20
  0
  Votes
  20
  Posts
  17236
  Views

  

  @dotdash I must admit that you are absolutely right. I am a very impatient person. ;) A couple of minutes ago I finally changed the Payload of the ping (I did it not right at the beginning). Also I inserted a monitoring IP on the interfaces. Now it seems to work but I have absolutely no clue why.
• 

  Issues updating from 2.3-RC (or older 2.3 installs) to 2.3-RELEASE
  • jimp  

  65
  1
  Votes
  65
  Posts
  69846
  Views

  W

  please check your pfsense date and time .
• 

  How to installing Bashtop and adding it to Main Menu (menu in Console)?
  • Sergei_Shablovsky  

  24
  0
  Votes
  24
  Posts
  97
  Views

  

  @Gertjan said in How to installing Bashtop and adding it to Main Menu (menu in Console)?: As for myself : up until know, I didn't even know what bashtop was ... I told You more: zsh and fish shells able to impress You if You work in command line. And Bashtop, Pingtop, Hegemon, Gotop, htop, Gping, Vping, also able to give a You a little help if a You have a servers without (or just not need and prefer going to each server by ssh manually for maintenance) agent-server monitoring system like LibreNMS or Splunk. But another one time: all this tools is not for ordinary home using, only if You need 24/7 running service and clients and have an obligation.
• D

  New installation from disc - "can't load kernel"
  • debesty  

  13
  0
  Votes
  13
  Posts
  49
  Views

  

  @debesty What application did you burn these with in Windows?
• E

  [HOW-TO] Re-install with GEOM_MIRROR for swap
  • enoch85  

  3
  0
  Votes
  3
  Posts
  1042
  Views

  S

  Just wanted to say THANK YOU for listing out these commands. Worked perfectly in fixing my "gpart: geom 'ada0': File exists" problem.
• P

  setting up of the main redundant link and backup with automatic switching between 2 pfsense
  • patou123  

  1
  0
  Votes
  1
  Posts
  6
  Views

  No one has replied

• R

  Black screen after installing memstick image
  • Rob_nyc  

  3
  0
  Votes
  3
  Posts
  22
  Views

  R

  @stephenw10 Anyway the hardware failure happened because I was installing pfsense. When the installer offered me making the last acceptance which was “ok” then I activated and the black screen is appeared. I went to an repair store. They are guessing 99% the motherboard is dead.
• R

  How to setup Wan to Lan bridging for a transparent firewall between servers on internal network ?.
  • RimBlock  

  3
  0
  Votes
  3
  Posts
  23
  Views

  R

  Some pics might make it clearer hopefully. Again, I have no control over anything in the Internet or green 'Prod' areas on the diagrams. Base enironment Current setup (1:1 Nat) - AD slow and DNS not working, high maintenance). Preferred setup (Bridge / flat network). Getting the bridge to pass traffice between the 'Lan' ports and the 'Wan' port seems to be problematic (it is not working). Test PFSense setup A couple of questions after drawing all this out.... What interface should the bridge be assigned to ?. Should the IP stay ont he Wan (VMX0) or the bridge if I am filtering on the interfaces rather than the bridge. Hope this is a bit clearer. Thanks
• D

  Cannot access web configurator from host brower
  • day  

  11
  0
  Votes
  11
  Posts
  22
  Views

  D

  @viragomann yes I have an ubuntu image that works just fine but when I added pfsense, i couldn't access any web pages except the gui of my router
• R

  WAN subnet
  • rebuilder  

  3
  0
  Votes
  3
  Posts
  12
  Views

  

  /23 not uncommon for a public IP from isp.. What did you think you should have? /22 or even /21 not all that uncommon..
• U

  pfSense 2.4.5 doesn´t boot after installation
  • unti  

  10
  0
  Votes
  10
  Posts
  40
  Views

  U

  @stephenw10 Thank you, this is an important answer, too.
• 

  Traffic Graphs does not work
  • ofir29200  

  24
  0
  Votes
  24
  Posts
  136
  Views

  

  @johnpoz I have set the NTP settings on pfsense to sync with the Israel Internet Association's NTP server. do i need to restart pfsense for it to sync again with the NTP server?
• D

  New install - Default creds accepted but stays on login screen
  • Df1988_2005  

  4
  0
  Votes
  4
  Posts
  9
  Views

  

  @Df1988_2005 said in New install - Default creds accepted but stays on login screen: v6 routing for internal preferably with OSFPv3 pfSense also to run upon relatively low-performance "iron", but don’t think that, we can to strangle into a VM environment which is only (1CPU / 1GB) OSFPv3, hmmm, if you want fast routing you have to increase the performance (definitely)
• L

  Problemes upgrading from 2.3.4 and install of packages
  • linedan  

  2
  0
  Votes
  2
  Posts
  10
  Views

  

  @linedan said in Problemes upgrading from 2.3.4 and install of packages: somehow could install the openvpn-client-export-package! Example : check out pfSense 2.4.5-RELEASE-p1 Now Available As the Netgate blog already states with any pfSense upgrade : IF there is a pfSense upgrade available, install that first. Never ever upgrade packages after a pfSense upgrade came out. As you can see in your image above, your pfSense is based on FreeBSD 10.3. Or the repository mentions it's based on FreeBSD 11.3. This means FreeBSD packages (for pfSense) and packages for pfSense that are pulled in are based on 11.3. They will have dependencies that won't work out. For example, a PHP library that is compiled against FreeBSD 11.3 will not work on a FreeBSD 10.3 system. This means : the GUI will go down. So, no "openvpn-client-export-package" for you : the risk is to big. I advise you to have the box send over to you. Or find some one on the other side that can do a bit more as n clicking "Like" on a screen, and you guide this person. Go for a re install, as cleaning out a system with a 'mixed identity' is possible, but very time consuming. It also needs a great deal of knowledge of the OS. I understand that, because of the distance, you won't upgrade every time when a new pfSense versions comes out. It's ok to wait a couple of weeks or even months. But hanging around with a 2.3.4 creates new problems. Knowledge about that version has faded out (on the forum )... I strongly advise you to look around on the forum. Others popped up with upgrade problems from 2.3.4. Some found solutions.
• R

  L2TP: Control connection 0x803859310 destroyed
  • reza.mnp  

  24
  1
  Votes
  24
  Posts
  219
  Views

  

  @erselbey still unable to reproduce try to disable accounting, try to create L2TP VPN server on the latest 2.5 snapshot
• J

  upgrade to 2.4.5 gone bad.. php libs gone missing.
  • jeli  

  10
  0
  Votes
  10
  Posts
  64
  Views

  T

  The suhosin lib is not compatible with PHP 7.2. You have to delete the following file: "/usr/local/etc/php/ext-30-suhosin.ini" to disable this PHP extension.
• T

  Trying to update a 2.3.4_1 install to 2.4.2 and I am unable to check for updates
  • thecodemonk  

  12
  0
  Votes
  12
  Posts
  3270
  Views

  N

  You should look at: https://redmine.pfsense.org/issues/8355 Specifically the last post I just made about NanoBSD being deprecated which leads you down this goatrope path.
• D

  SG2100 Upgrade to 2.5.0.Beta can't boot
  • doronl15  

  1
  0
  Votes
  1
  Posts
  19
  Views

  No one has replied

• A

  "Unable to retrieve package information" after 2.3 updgrade
  • adoucette  

  20
  0
  Votes
  20
  Posts
  52053
  Views

  J

  I was having the same problem, so I just added the Google DNS 8.8.8.8 . Go to System/General Setup, in the DNS Server Settings add: 8.8.8.8, dns.google , [WAN— with Internet Connection] ; saved the changes. After that try to check the Package Manager.
• A

  Update openvpn-client-export leads to total network outtage
  • Artes  

  9
  0
  Votes
  9
  Posts
  74
  Views

  

  You can check for Snapshots here: https://snapshots.pfsense.org/amd64/pfSense_master/installer/ -Rico
• P

  New Version 2.4.4 - Interface Error --> aq_add_macvlan err -53, aq_error 14
  • peterfranca  

  59
  0
  Votes
  59
  Posts
  2890
  Views

  F

  @stephenw10 Hi ! Just the 'queue appears hung' and server unreachable on the interface. Fabien
• R

  PFS password reset
  • rickytow  

  8
  0
  Votes
  8
  Posts
  27
  Views

  T

  @rickytow Hi rickytow To fix your problem and regain admin access follow these steps. Type number 3 at the console of the device Press Enter/Return. This process resets the admin users password for access to both the console and the web interface to the default value of "pfsense"
• J

  Pfsense is slowing my internet down
  speed slow fios • • jakehaas  

  16
  0
  Votes
  16
  Posts
  109
  Views

  T

  @stephenw10 Could be a fault with the switch it's connected to as well.
• M

  NanoPi R2S
  • Mundon  

  2
  0
  Votes
  2
  Posts
  18
  Views

  

  @Mundon said in NanoPi R2S: NanoPi R2S That board has an ARM CPU: Rockchip RK3328, Quad-core Cortex-A53 The only pfSense ARM CPU's supported are Netgate's own boards. Look for a used PC with a 64-bit x86 CPU. /Bingo
• B

  How to enable a service
  • bauerfyr  

  2
  0
  Votes
  2
  Posts
  20
  Views

  H

  You can use the shellcmd package to start programs at boot. https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html
• D

  Suggestions for installing Velop
  • DominikHoffmann  

  2
  0
  Votes
  2
  Posts
  10
  Views

  

  You can have two subnets in pfSense on different interfaces and route between them without NAT. There should be no reason to double NAT there unless it's a software restriction in the wifi devices. Steve
• O

  console="comconsole,efi" in loader.conf keeps overwriting
  • o51  

  2
  0
  Votes
  2
  Posts
  12
  Views

  

  Custom loader values should be put in /boot/loader.conf.local. Create that file if you don't have it yet. Steve
• E

  install package via command LINE with dependencies
  • edicastro  

  2
  0
  Votes
  2
  Posts
  15
  Views

  

  it install everything is necessary for pfsense to work, dependencies included example: [2.4.5-RELEASE][root@pfSense.trmultiservice.lab]/root: pkg-static install pfSense-pkg-pfBlockerNG-devel-2.2.5_37 Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. The following 9 package(s) will be affected (of 0 checked): <------ 9 dependencies New packages to be INSTALLED: grepcidr: 2.0 [pfSense] iprange: 1.0.4 [pfSense] jq: 1.6 [pfSense] lighttpd: 1.4.54 [pfSense] lua52: 5.2.4 [pfSense] pfSense-pkg-pfBlockerNG-devel: 2.2.5_37 [pfSense] py37-maxminddb: 1.4.1_1 [pfSense] py37-sqlite3: 3.7.7_7 [pfSense] whois: 5.2.17 [pfSense] Number of packages to be installed: 9 The process will require 9 MiB more space. 2 MiB to be downloaded. Proceed with this action? [y/N]: if no "New packages" are available than there is no dependencies needed or they are already installed
• D

  2.4.5 broke UPNP
  • DmacDude  

  37
  0
  Votes
  37
  Posts
  745
  Views

  

  Hmm, interesting. You would not normally be able to just change the WAN to PPPoE (from dhcp?). The ISP and the ISPs router would need to already be configured for that. Steve
• 

  Pfsense 'Clear Package Lock' not working
  • randombits  

  4
  0
  Votes
  4
  Posts
  45
  Views

  

  The solution that worked for me is here, https://forum.netgate.com/topic/156964/how-do-i-change-hard-drive-on-a-working-install?_=1604859343667
• K

  Setup TFTP for FOG Server
  • kdmiller61  

  2
  0
  Votes
  2
  Posts
  9
  Views

  

  Apropriate allow rules (TFTP is UDP 69) , on the affected interfaces. /Bingo
• L

  WAN flapping on 2.4.5-p1
  • larold42  

  18
  0
  Votes
  18
  Posts
  154
  Views

  T

  Just had to try a few more things because I am stubborn. Character flaw, but I think at this point I am now done. There is no fix for this NIC/Hitron modem combo. I grabbed another SSD I had around, installed the 2.5 devel, did basic setup only on it- WAN set dhcp, lan set static ipv4. Nothing else. Connected the WAN to the Hitron modem and it flapped maybe twice, then no lights on modem or PFSense NIC. They just don't talk to each other. Connect the WAN to that little Netgear dumb switch and it's fine. So it stays like that till I can think of something else. BTW I also booted that SSD on an old test computer I have that has an old 2 port intel PRO 1000 NIC that also uses the IGB driver and it flapped then lights out as well.
• O

  Read Only (live) root possible?
  • o51  

  5
  0
  Votes
  5
  Posts
  25
  Views

  O

  yeah thats the point, im using a sbc, it has no power switch, the only way to power it down without software access is to remove the power by unpluging the cable... Maybee i could add a power switch... But yeah, its crashing sometimes when i try some settings, thats the reason why i have to unplug the power, and after that it gets even worse..
• J

  Upgrade from 2.0-BETA4 to XG-7100-1U
  xg-7100 migration 2.0-beta4 • • JanBecher  

  3
  0
  Votes
  3
  Posts
  16
  Views

  J

  I will try that, and see how it goes. If not, I can do it manually. /Jan
• R

  Help Needed for any setup to be done or configured for HG612 3B
  • rpshan  

  5
  0
  Votes
  5
  Posts
  15
  Views

  R

  Hi ts1101, Good Day, Many thanks for the details again on this. I would agree with you with out any question. Prior unlocking, I could see its goes to BT Site for pay as you go subscription hence I don't want to take any chance i.e only by connecting lan2 port no phone line connected to it!. Some more setting pending with regards to WiFi access point need to keep them ready before hand. Will keep you updated. Thanks
• P

  BGW320 SFP
  • Phantom_Stage  

  2
  0
  Votes
  2
  Posts
  19
  Views

  P

  furthermore if anyone has successfully negotiated this formidable task please feel free to enlighten this true nube with the details.
• L

  Fresh install does not give Internet access [RESOLVED]
  • Lucky06480  

  6
  0
  Votes
  6
  Posts
  6384
  Views

  O

  @Lucky06480 Thank you for posting this years ago! It helped me just now to get my lab working! Disable hardware checksum offload worked like a charm! It was related to the USB-ethernet device.