@Tarrandio:
I ran into this when attempting to installing vmware tools following this guide:
http://www.v-front.de/2015/01/pfsense-22-was-released-how-to-install.html
You definitely shouldn't follow that guide on 2.3, and really not needed on 2.2.x either. Use the open-vm-tools package.
@sa_lontoc:
I finally made it work again after installing the package
using
pkg add http://pkg.freebsd.org/freebsd:10:x86:32/release_3/All/lcdproc-0.5.7_2.txz
everything looks normal but cant see LCD proc in Services
Because the LCDproc pfSense package has not been converted for 2.3, there won't be any pfSense GUI pages to control it, and pfSense won't "know" about it.
https://doc.pfsense.org/index.php/2.3_Removed_Packages
So after moving the LAN port over to the expansion card of the firebox we have not had a drop out on the LAN yet. In addition, since doing the hw.msk.msi_disable=1 the WAN port still has not dropped out. Any reason we should suspect the on board 4 port ethernet interface drivers as the culprit here?
I'm also going to upgrade an existing vmware ESXi 5.1 box where I have pfsense running as a virtual firewall and see what happens there.
it looks like its pointing to the right place, so not sure why the range isnt being taken into account
[image: Capture2.PNG_thumb]
[image: Capture2.PNG]
[image: Capture1.PNG_thumb]
[image: Capture1.PNG]
Thank you :)
If you look at my setup above, I want to supply two switches from two outputs on the fw (lets say opt1=sw1 and opt2=sw2). Would Interface-group be the fastest option or is there something that will give better speed or be more logical? On a FortiGate box I have today, this is called Zone and I assume this is similar. This lets me have only one fw-rule that is valid for letting the same traffic flow on both opt1 and opt2.
From what I can understand when reading the docs: bridge may be more complex than I need for this and LAGG-interface is only when you have multiple links to same switch (not like here when I have two seperate switches). So Interface-group is the best/only option?
I can try that. I already have SMP disabled on 2 of my other systems due to it causing networking to hang on them. But they have igb NIC's. I'll try it on this one as well. What do I have to lose..
I would bet that all of your clients would have eventually lost their default gateway, depending on when ether DHCP leases expired…
You are absolutely correct. My DHCP leases are 48 hours so I probably had just not hit the renewal for the other clients :) Thanks!
Just to point people who read this to the sticky about Gateway monitoring https://forum.pfsense.org/index.php?topic=110043.0
Thanks for the info!
My guess if it definitely was logging before the upgrade is something about that setting wasn't immediately applied to the running system. So it would have stopped post-reboot if that's the case. I confirmed it does immediately disable on 2.3. Haven't double checked anything earlier, though I'm pretty sure that worked immediately in general.
The config tag that enables that option is <disablelocallogging>inside <syslog>section.</syslog></disablelocallogging>
Looks like this is resolved in 2.3.1 as there was a bug preventing Advanced->Misc changes from being saved. Workaround in the bug comments also.
https://redmine.pfsense.org/issues/6146
@mer:
You're accessing the WebUI from WAN, HTTP, change it to HTTPS and get locked out, is that correct?
Yes. That's correct.
@mer:
But if you do the same operation from LAN, it works as you expect?
Yes.
Last time, I changed to another USB memory stick (larger one), flash the NanoBSD to the new stick, export config from old one, boot up with the new one, then in the new one I chose "import" and all good!
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.