disable ipv6 and try again

Thanks KOM! This worked like a charm. JayArr

Thanks to all, I've got it all running pretty well. The restore is in the GUI section, which I didn't expect, and that's where I think my confusion came from. I figured I was going to have to cut and paste with vim on a command line and then reboot. I love the fact that you can restore just a section of an old config file, this is a brilliant feature by the devs. In my case, all I really wanted to avoid was typing in all of the static mappings in the DHCP servers and I was able to import all of that in a couple of clicks. Brilliant. Thanks!

Got the same error when i tried initial upgrade from GIU 2.3.1-RELEASE-p5 (amd64) built on Thu Jun 16 12:53:15 CDT 2016 FreeBSD 10.3-RELEASE-p3 Second attempt: _61 MiB to be downloaded. Fetching pfSense-kernel-pfSense-2.3.2.txz: …....... done Fetching pfSense-default-config-2.3.2.txz: . done Fetching pfSense-base-2.3.2.txz: ........ done pkg: https://pkg.pfsense.org/pfSense_v2_3_2_amd64-core/All/pfSense-base-2.3.2.txz: Operation timed out Locking package pfSense-kernel-pfSense... done. Failed_

There is a period of time during the startup of pfSense, between when an interface is being activated, i.e. "Configuring *** Interface…" and when the firewall rules are applied, i.e. "Configuring firewall......done" in which the system is wide open.

It is saved in the ordinary pfSense config. Just make sure to do regular backup of the config - Diagnostics->Backup & Restore When you have backed up, use at text editor to look in the file you backed up. Search for user names and check they are there.

aii  I realized I downloaded the 32bit by mistake I will download the 64bit and try again I think that might have the problem

Multiple threads on the same thing will not get you help any faster. Also use code tags to avoid a "wall of text" posts.

It's most likely the effect of ARP cache and the modem insisting on not clearing it until the entries time out or it is rebooted. There is a piece of technology designed for the very situation known as "Gratuitous ARP" but if the modem does not honour that there are no other options than the two I already mentioned.

Anybody? I'll settle for not knowing why this interface bricked itself as long as I can force its removal from my system. Is there a command line function that can force the removal of an interface?

Access pfSense via SSH, option Shell (8) and use the command: pfSense-upgrade -d This worked for me.

Out of just pure curiosity why are you wanting to install 2.3.0 vs 2.3.2 – you really should install current.

Got it, let me get DNS name resolution working across the tunnel from either LAN. Thank you for the lucid explanations.

Yes, using the serial memstick installer image (not the CD iso)

@johnpoz: When you say public do you mean guest wifi? I would prob let them just use the secondary link if your not using that in a load balance setup and all your normal business traffic is on the 20x20 without issues.  Once you have to failover to backup I would prob nix all the "guest" wifi traffic all together. Guest network = guest wifi / VLAN30 - it's a public hotspot using the captive portal. Thanks for the input. I'm open to other ideas.  We are wanting maximum uptime; CARP/ pfSync - but also not wanting to create unnecessary complexity.

Strangely enough no. It was on Legacy. I tried every mode the motherboard has…. What I have noticed now is that only 2.3 works the way I mentioned above. When trying 2.2 the USB return to sata doesn't work. Good luck guys

Do you still have a backup of that config with the users and groups? I'd be very curious to see what might have caused that.