I am new to pfSense and was feeling quite excited.

Great, welcome to the club!

After trying to install on an old HP G5 and coming across a thread hashing out the debacle over 2.4.4 breaking stuff for people and not being able to get official access to previous version I figured I should ask some questions.

We don't allow back access not because it's insecure. We are a security company; each of our updates contains security patches and fixes. It would be irresponsible of us, hurt our customer's relationship and trust with us if we willingly allowed insecure software to be officially distributed.

I currently have a Protectii Intel i5 7200U, AES-NI, Barebone. 2.4.4 installed and seems to run great. Approximately how long before this is obsolete and gets broken from an update?

No one really know's, We are not going to force you to purchase a new piece of hardware. If something fails because of poor manufacturing that is not our responsibility. The only hardware support we have retired was our 32 bit OS support. We don't intentionally 'break' updates or willing try and cause our customer's pain. If you follow the steps in our posts at time of update; you should be fine. I would recommend you attempt restoring a backup before you are forced to do so. Now is a great time.

If you are on 2.4.4 please consider updating to 2.4.4-p2.

And if I understand correctly from the other thread if it does stop working at some point, I won't be able to roll back to a previous version (even if I still have the installer in some cases due to packages not being available) to get up and running at least until such a time that I can get newer supported equipment, if that is the route we choose?

This is not always the case; the update from 2.4.3 to 2.4.4 we migrated from PHP5.6 to PHP7.2. That was a large project, and we could not keep our packages running both versions of PHP.

Most of the time the jump in version, 2.3 to 2.4 allows us to have both package servers running, you would be able to rollback, but again we would prefer you not too, as it's insecure.

I am assuming that there would be ample notification if I continue to do my due diligence and stay up with notifications and such?

Yes, Please keep in touch:
Follow our
Twitter
Feeds
Youtube Channel
Our blog
sign up for our Newsletter

Please become involved more in our forum.

Would there be a difference in the above scenario (assuming it is correct) between running the Community Edition or the Paid Support Edition?

Yes, and No. The bigger difference is if you had our hardware, we don't have the resources to test every iteration of hardware our customer base uses. We, the Global Support team tests our hardware, updates, new install and packages a multitude of times. We want this to be a smooth process for all of our customer base.

The biggest issues we have see "update xxx broke my machine it won't boot now."
That is a symptom of our success, it's unfortunately is timing issue. As an OS pfSense is incredibly stable, we see people brag about their large up time. During the up time a component of hardware failed, and it won't work after the power is shut off or rebooted. This is why when you read our update guide, step 1 is to backup, step 2 is have a fallback plan, step 3 is reboot, only after then do we discuss running the backup.

The paid support is for you to be able to contact the Global Support team at Netgate.

Probably will have more questions, just not experience enough yet to know them. Thanks for your time.

I hope I have answered your questions. Please let me know if you have any more.

Ouch sorry I overlooked that.
Thanks for clearing.

-Rico

@cmenghi Solved updating to 2.4.4_2

Still an issue. Lost pfSense GUI connection again, after trying to access Diagnostics > Backup/restore.

Sometimes that happens if you are in the middle of an update when a new snapshot rolls out.

Wait a few minutes and try again.

Same issue maybe?
https://forum.netgate.com/topic/138788/no-default-route-after-reboot-using-gateway-groups

-Rico

I had some trouble with the console on my Windows 10 PC but support I was able to point me to a proper copy of the drivers. Then things misbehaved in the putty session to the console (oddly garbled screen) but a power cycle got me to the menu and a factory reset. I am having a mess of trouble importing a backup from my old pfsense box and support is trying to see if they can possibly massage it to be usable in the SG-3100. I'll update when I hear back from them. Thanks for the reply.

The check to the left of System Watchdog means it's current.
The text would be red if something is wrong.

We don't usually put out a patch release image for CE but there were a sufficient number of issues with 2.4.4 that we did this time (along with all the additional testing that incurs). P2 is a much smaller patch, installing p1 and upgrading should be painless.

Steve

Almost certainly not the same issue.

But small packet pass (initial handshake) big packets fail (TLS exchange) does sounds like it could be MTU.

Why are you running 2.3.5 though? Unless you have a very good reason not to you should upgrade before doing anything else.

Steve

Hit CTRL+F5 and try again.

-Rico

work now clone the mac address of the router there work thx for the help

Solved here too - update worked properly now.

@frankbicknell I have it all sorted out. I didn't quite realize that it is the hostname and domain of the pfSense appliance. It is up and running and so far with pfBlocker my spam, scams, and extortion emails are down by 90%. What a great piece of work. Thank you.

@chpalmer said in Package update/reinstall issues after update to 2.2.4_2:

Assuming you mean 2.4.4-p2 Anything 2.2 would be quite old and unsupported.

yes! oops

same problem for me on all my pfsense servers, all of them resolve srv records fine...
seems to be a problem
take a look at the twiter netgate account https://twitter.com/NetgateUSA/status/1088455647807455232

Our twitter feed is a good spot: https://twitter.com/NetgateUSA/status/1088455647807455232

We will update there when it's resolved.

@datpif said in Crashes after upgrading to latest version:

Ok so it turns out that it might be the Wemo smart plug. I have had solid 24 hours without a crash how odd.

Unclean power can do all sorts of weird things, so it's not terribly surprising. If you have a power strip or UPS that done line conditioning you could put that after the smart plug, but odds are if you have it on a smart plug you don't want a UPS. Though you wouldn't normally want to shut off a firewall by a smart plug, that harsh of a shutdown is likely to cause filesystem corruption.

Soon.