Quick update - the config worked. Thanks. However, due to some unknown issue in the serial line, it was quite slow (i had set baud rate as 115200). I got me a serial-usb cable and things have been much better.

New GUI gives more information, so your issue should be resolved.

That is exactly right.  It has been so trouble-free that I've never really had to get into the "inner workings"… until now... although, it is still running just fine, just needs some TLC to be able to extend its life. Thanks again for all the help.  I've been reading up on the different install types and, your post above helps me understand the differences and pros/cons. I'll post an update in a few weeks after I get my solution implemented. Regards

I have a few pfSense boxes that are failing the upgrade from 2.3.1-RELEASE-p1 to 2.3.2. Here is the output : /root: pfSense-upgrade -d ....>>> Updating repositories metadata... Updating pfSense-core repository catalogue... pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. **** WARNING **** Duplicate slice required!! Before starting the upgrade process, the currently mounted nanobsd partition needs to be cloned to the secondary partition, where the update will happen After installation a reboot will be required to switch partition. Proceed with upgrade? (y/N) y >>> Cleaning secondary partition... 1+0 records in 1+0 records out 1048576 bytes transferred in 0.127751 secs (8207960 bytes/sec) >>> Duplicating current slice... 30034+1 records in 30034+1 records out 1968349696 bytes transferred in 178.985462 secs (10997260 bytes/sec) >>> Restoring slice label... >>> Testing duplicated partition integrity... ** /dev/ufs/pfsense0 ** Last Mounted on / ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 16113 files, 993571 used, 2786457 free (2601 frags, 347982 blocks, 0.1% fragmentation) ***** FILE SYSTEM IS CLEAN ***** >>> Mounting second partition to run upgrade... >>> Unlocking package pfSense-kernel-pfSense_wrap... Unlocking pfSense-kernel-pfSense_wrap-2.3.1_1 >>> Downloading upgrade packages... Updating pfSense-core repository catalogue... pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. Checking for upgrades (65 candidates): .......... done Processing candidates (65 candidates): .......... done The following 66 package(s) will be affected (of 0 checked): New packages to be INSTALLED:         dnsmasq: 2.76,1 [pfSense] Installed packages to be UPGRADED:         xinetd: 2.3.15_1 -> 2.3.15_2 [pfSense]         unbound: 1.5.8 -> 1.5.9 [pfSense]         strongswan: 5.4.0 -> 5.5.0 [pfSense]         sqlite3: 3.11.1 -> 3.13.0 [pfSense]         smartmontools: 6.4_2 -> 6.5_1 [pfSense]         rrdtool: 1.5.5_1 -> 1.6.0_1 [pfSense]         relayd: 5.5.20140810_1 -> 5.5.20140810_2 [pfSense]         python27: 2.7.11_2 -> 2.7.12 [pfSense]         php56-zlib: 5.6.22 -> 5.6.23 [pfSense]         php56-xmlwriter: 5.6.22 -> 5.6.23 [pfSense]         php56-xmlreader: 5.6.22 -> 5.6.23 [pfSense]         php56-xml: 5.6.22 -> 5.6.23 [pfSense]         php56-tokenizer: 5.6.22 -> 5.6.23 [pfSense]         php56-sysvshm: 5.6.22 -> 5.6.23 [pfSense]         php56-sysvsem: 5.6.22 -> 5.6.23 [pfSense]         php56-sysvmsg: 5.6.22 -> 5.6.23 [pfSense]         php56-sqlite3: 5.6.22 -> 5.6.23 [pfSense]         php56-sockets: 5.6.22 -> 5.6.23 [pfSense]         php56-simplexml: 5.6.22 -> 5.6.23 [pfSense]         php56-shmop: 5.6.22 -> 5.6.23 [pfSense]         php56-session: 5.6.22 -> 5.6.23 [pfSense]         php56-readline: 5.6.22 -> 5.6.23 [pfSense]         php56-posix: 5.6.22 -> 5.6.23 [pfSense]         php56-pdo_sqlite: 5.6.22 -> 5.6.23 [pfSense]         php56-pdo: 5.6.22 -> 5.6.23 [pfSense]         php56-pcntl: 5.6.22 -> 5.6.23 [pfSense]         php56-openssl: 5.6.22 -> 5.6.23 [pfSense]         php56-opcache: 5.6.22 -> 5.6.23_1 [pfSense]         php56-mcrypt: 5.6.22 -> 5.6.23 [pfSense]         php56-mbstring: 5.6.22 -> 5.6.23 [pfSense]         php56-ldap: 5.6.22 -> 5.6.23 [pfSense]         php56-json: 5.6.22 -> 5.6.23 [pfSense]         php56-hash: 5.6.22 -> 5.6.23 [pfSense]         php56-gettext: 5.6.22 -> 5.6.23 [pfSense]         php56-filter: 5.6.22 -> 5.6.23 [pfSense]         php56-dom: 5.6.22 -> 5.6.23 [pfSense]         php56-curl: 5.6.22 -> 5.6.23 [pfSense]         php56-ctype: 5.6.22 -> 5.6.23 [pfSense]         php56-bz2: 5.6.22 -> 5.6.23 [pfSense]         php56-bcmath: 5.6.22 -> 5.6.23 [pfSense]         php56: 5.6.22 -> 5.6.23 [pfSense]         php-xdebug: 2.2.5 -> 2.4.0 [pfSense]         pfSense-rc: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-kernel-pfSense_wrap: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-default-config-serial: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-base-nanobsd: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-Status_Monitoring: 1.4.2_1 -> 1.4.4_2 [pfSense]         pfSense: 2.3.1_1 -> 2.3.2 [pfSense]         perl5: 5.20.3_12 -> 5.20.3_13 [pfSense]         pecl-rrd: 1.1.3_2 -> 1.1.3_3 [pfSense]         pecl-radius: 1.2.7 -> 1.3.0 [pfSense]         pcre: 8.38_1 -> 8.39 [pfSense]         nginx: 1.8.1,2 -> 1.10.1,2 [pfSense]         libssh2: 1.6.0_1,2 -> 1.7.0,2 [pfSense]         libedit: 3.1.20150325_2 -> 3.1.20150325_2,1 [pfSense]         isc-dhcp43-server: 4.3.3P1_1 -> 4.3.4 [pfSense]         isc-dhcp43-relay: 4.3.3P1_1 -> 4.3.4_1 [pfSense]         isc-dhcp43-client: 4.3.3P1_1 -> 4.3.4 [pfSense]         ipmitool: 1.8.15_1 -> 1.8.17_1 [pfSense]         gettext-runtime: 0.19.7 -> 0.19.8.1 [pfSense]         filterlog: 0.1_2 -> 0.1_4 [pfSense]         expat: 2.1.1_1 -> 2.1.1_2 [pfSense]         curl: 7.48.0_1 -> 7.49.1 [pfSense]         ca_root_nss: 3.22.2 -> 3.25 [pfSense]         bind-tools: 9.10.3P4 -> 9.10.4P2 [pfSense] Number of packages to be installed: 1 Number of packages to be upgraded: 65 The process will require 2 MiB more space. 75 MiB to be downloaded. Fetching xinetd-2.3.15_2.txz: ........ done Fetching unbound-1.5.9.txz: .......... done Fetching strongswan-5.5.0.txz: .......... done Fetching sqlite3-3.13.0.txz: .......... done Fetching smartmontools-6.5_1.txz: .......... done Fetching rrdtool-1.6.0_1.txz: .......... done Fetching relayd-5.5.20140810_2.txz: .......... done Fetching python27-2.7.12.txz: .......... done Fetching php56-zlib-5.6.23.txz: .. done Fetching php56-xmlwriter-5.6.23.txz: .. done Fetching php56-xmlreader-5.6.23.txz: .. done Fetching php56-xml-5.6.23.txz: .. done Fetching php56-tokenizer-5.6.23.txz: . done Fetching php56-sysvshm-5.6.23.txz: . done Fetching php56-sysvsem-5.6.23.txz: . done Fetching php56-sysvmsg-5.6.23.txz: . done Fetching php56-sqlite3-5.6.23.txz: .. done Fetching php56-sockets-5.6.23.txz: .... done Fetching php56-simplexml-5.6.23.txz: ... done Fetching php56-shmop-5.6.23.txz: . done Fetching php56-session-5.6.23.txz: ... done Fetching php56-readline-5.6.23.txz: .. done Fetching php56-posix-5.6.23.txz: . done Fetching php56-pdo_sqlite-5.6.23.txz: .. done Fetching php56-pdo-5.6.23.txz: ..... done Fetching php56-pcntl-5.6.23.txz: .. done Fetching php56-openssl-5.6.23.txz: ..... done Fetching php56-opcache-5.6.23_1.txz: ...... done Fetching php56-mcrypt-5.6.23.txz: .. done Fetching php56-mbstring-5.6.23.txz: .......... done Fetching php56-ldap-5.6.23.txz: .. done Fetching php56-json-5.6.23.txz: .. done Fetching php56-hash-5.6.23.txz: .......... done Fetching php56-gettext-5.6.23.txz: . done Fetching php56-filter-5.6.23.txz: .. done Fetching php56-dom-5.6.23.txz: ..... done Fetching php56-curl-5.6.23.txz: ... done Fetching php56-ctype-5.6.23.txz: . done Fetching php56-bz2-5.6.23.txz: .. done Fetching php56-bcmath-5.6.23.txz: .. done Fetching php56-5.6.23.txz: .......... done Fetching php-xdebug-2.4.0.txz: ......... done Fetching pfSense-rc-2.3.2.txz: . done Fetching pfSense-kernel-pfSense_wrap-2.3.2.txz: .......... done Fetching pfSense-default-config-serial-2.3.2.txz: . done Fetching pfSense-base-nanobsd-2.3.2.txz: .......... done Fetching pfSense-Status_Monitoring-1.4.4_2.txz: .. done Fetching pfSense-2.3.2.txz: . done Fetching perl5-5.20.3_13.txz: .......... done Fetching pecl-rrd-1.1.3_3.txz: .. done Fetching pecl-radius-1.3.0.txz: ... done Fetching pcre-8.39.txz: .......... done Fetching nginx-1.10.1,2.txz: .......... done Fetching libssh2-1.7.0,2.txz: .......... done Fetching libedit-3.1.20150325_2,1.txz: .......... done Fetching isc-dhcp43-server-4.3.4.txz: .......... done Fetching isc-dhcp43-relay-4.3.4_1.txz: .......... done Fetching isc-dhcp43-client-4.3.4.txz: .......... done Fetching ipmitool-1.8.17_1.txz: .......... done Fetching gettext-runtime-0.19.8.1.txz: .......... done Fetching filterlog-0.1_4.txz: . done Fetching expat-2.1.1_2.txz: .......... done Fetching curl-7.49.1.txz: .......... done Fetching ca_root_nss-3.25.txz: .......... done Fetching bind-tools-9.10.4P2.txz: .......... done Fetching dnsmasq-2.76,1.txz: .......... done Checking integrity... done (1 conflicting)   - dnsmasq-2.76,1 [pfSense] conflicts with dnsmasq-devel-2.76.0test12 [installed] on /usr/local/sbin/dnsmasq Checking integrity... done (0 conflicting) Conflicts with the existing packages have been found. One more solver iteration is needed to resolve them. The following 67 package(s) will be affected (of 0 checked): Installed packages to be REMOVED:         dnsmasq-devel-2.76.0test12 New packages to be INSTALLED:         dnsmasq: 2.76,1 [pfSense] Installed packages to be UPGRADED:         gettext-runtime: 0.19.7 -> 0.19.8.1 [pfSense]         python27: 2.7.11_2 -> 2.7.12 [pfSense]         perl5: 5.20.3_12 -> 5.20.3_13 [pfSense]         pcre: 8.38_1 -> 8.39 [pfSense]         expat: 2.1.1_1 -> 2.1.1_2 [pfSense]         ca_root_nss: 3.22.2 -> 3.25 [pfSense]         unbound: 1.5.8 -> 1.5.9 [pfSense]         rrdtool: 1.5.5_1 -> 1.6.0_1 [pfSense]         php56: 5.6.22 -> 5.6.23 [pfSense]         curl: 7.48.0_1 -> 7.49.1 [pfSense]         strongswan: 5.4.0 -> 5.5.0 [pfSense]         sqlite3: 3.11.1 -> 3.13.0 [pfSense]         php56-session: 5.6.22 -> 5.6.23 [pfSense]         php56-pdo: 5.6.22 -> 5.6.23 [pfSense]         php56-dom: 5.6.22 -> 5.6.23 [pfSense]         pecl-rrd: 1.1.3_2 -> 1.1.3_3 [pfSense]         libssh2: 1.6.0_1,2 -> 1.7.0,2 [pfSense]         libedit: 3.1.20150325_2 -> 3.1.20150325_2,1 [pfSense]         xinetd: 2.3.15_1 -> 2.3.15_2 [pfSense]         smartmontools: 6.4_2 -> 6.5_1 [pfSense]         relayd: 5.5.20140810_1 -> 5.5.20140810_2 [pfSense]         php56-zlib: 5.6.22 -> 5.6.23 [pfSense]         php56-xmlwriter: 5.6.22 -> 5.6.23 [pfSense]         php56-xmlreader: 5.6.22 -> 5.6.23 [pfSense]         php56-xml: 5.6.22 -> 5.6.23 [pfSense]         php56-tokenizer: 5.6.22 -> 5.6.23 [pfSense]         php56-sysvshm: 5.6.22 -> 5.6.23 [pfSense]         php56-sysvsem: 5.6.22 -> 5.6.23 [pfSense]         php56-sysvmsg: 5.6.22 -> 5.6.23 [pfSense]         php56-sqlite3: 5.6.22 -> 5.6.23 [pfSense]         php56-sockets: 5.6.22 -> 5.6.23 [pfSense]         php56-simplexml: 5.6.22 -> 5.6.23 [pfSense]         php56-shmop: 5.6.22 -> 5.6.23 [pfSense]         php56-readline: 5.6.22 -> 5.6.23 [pfSense]         php56-posix: 5.6.22 -> 5.6.23 [pfSense]         php56-pdo_sqlite: 5.6.22 -> 5.6.23 [pfSense]         php56-pcntl: 5.6.22 -> 5.6.23 [pfSense]         php56-openssl: 5.6.22 -> 5.6.23 [pfSense]         php56-opcache: 5.6.22 -> 5.6.23_1 [pfSense]         php56-mcrypt: 5.6.22 -> 5.6.23 [pfSense]         php56-mbstring: 5.6.22 -> 5.6.23 [pfSense]         php56-ldap: 5.6.22 -> 5.6.23 [pfSense]         php56-json: 5.6.22 -> 5.6.23 [pfSense]         php56-hash: 5.6.22 -> 5.6.23 [pfSense]         php56-gettext: 5.6.22 -> 5.6.23 [pfSense]         php56-filter: 5.6.22 -> 5.6.23 [pfSense]         php56-curl: 5.6.22 -> 5.6.23 [pfSense]         php56-ctype: 5.6.22 -> 5.6.23 [pfSense]         php56-bz2: 5.6.22 -> 5.6.23 [pfSense]         php56-bcmath: 5.6.22 -> 5.6.23 [pfSense]         php-xdebug: 2.2.5 -> 2.4.0 [pfSense]         pfSense-rc: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-Status_Monitoring: 1.4.2_1 -> 1.4.4_2 [pfSense]         pecl-radius: 1.2.7 -> 1.3.0 [pfSense]         nginx: 1.8.1,2 -> 1.10.1,2 [pfSense]         isc-dhcp43-server: 4.3.3P1_1 -> 4.3.4 [pfSense]         isc-dhcp43-relay: 4.3.3P1_1 -> 4.3.4_1 [pfSense]         isc-dhcp43-client: 4.3.3P1_1 -> 4.3.4 [pfSense]         ipmitool: 1.8.15_1 -> 1.8.17_1 [pfSense]         filterlog: 0.1_2 -> 0.1_4 [pfSense]         bind-tools: 9.10.3P4 -> 9.10.4P2 [pfSense]         pfSense-kernel-pfSense_wrap: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-default-config-serial: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-base-nanobsd: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense: 2.3.1_1 -> 2.3.2 [pfSense] Number of packages to be removed: 1 Number of packages to be installed: 1 Number of packages to be upgraded: 65 The process will require 2 MiB more space. >>> Upgrading pfSense kernel... Updating pfSense-core repository catalogue... pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. Checking integrity... done (0 conflicting) The following 2 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED:         pfSense-kernel-pfSense_wrap: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-rc: 2.3.1_1 -> 2.3.2 [pfSense-core] Number of packages to be upgraded: 2 [1/2] Upgrading pfSense-rc from 2.3.1_1 to 2.3.2... [1/2] Extracting pfSense-rc-2.3.2: .... done [2/2] Upgrading pfSense-kernel-pfSense_wrap from 2.3.1_1 to 2.3.2... [2/2] Extracting pfSense-kernel-pfSense_wrap-2.3.2: .......... done ===> Keeping a copy of current kernel in /boot/kernel.old >>> Upgrading necessary packages... Updating pfSense-core repository catalogue... pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. Checking for upgrades (63 candidates): .......... done Processing candidates (63 candidates): .......... done Checking integrity... done (1 conflicting)   - dnsmasq-2.76,1 [pfSense] conflicts with dnsmasq-devel-2.76.0test12 [installed] on /usr/local/sbin/dnsmasq Checking integrity... done (0 conflicting) The following 65 package(s) will be affected (of 0 checked): Installed packages to be REMOVED:         dnsmasq-devel-2.76.0test12 New packages to be INSTALLED:         dnsmasq: 2.76,1 [pfSense] Installed packages to be UPGRADED:         xinetd: 2.3.15_1 -> 2.3.15_2 [pfSense]         unbound: 1.5.8 -> 1.5.9 [pfSense]         strongswan: 5.4.0 -> 5.5.0 [pfSense]         sqlite3: 3.11.1 -> 3.13.0 [pfSense]         smartmontools: 6.4_2 -> 6.5_1 [pfSense]         rrdtool: 1.5.5_1 -> 1.6.0_1 [pfSense]         relayd: 5.5.20140810_1 -> 5.5.20140810_2 [pfSense]         python27: 2.7.11_2 -> 2.7.12 [pfSense]         php56-zlib: 5.6.22 -> 5.6.23 [pfSense]         php56-xmlwriter: 5.6.22 -> 5.6.23 [pfSense]         php56-xmlreader: 5.6.22 -> 5.6.23 [pfSense]         php56-xml: 5.6.22 -> 5.6.23 [pfSense]         php56-tokenizer: 5.6.22 -> 5.6.23 [pfSense]         php56-sysvshm: 5.6.22 -> 5.6.23 [pfSense]         php56-sysvsem: 5.6.22 -> 5.6.23 [pfSense]         php56-sysvmsg: 5.6.22 -> 5.6.23 [pfSense]         php56-sqlite3: 5.6.22 -> 5.6.23 [pfSense]         php56-sockets: 5.6.22 -> 5.6.23 [pfSense]         php56-simplexml: 5.6.22 -> 5.6.23 [pfSense]         php56-shmop: 5.6.22 -> 5.6.23 [pfSense]         php56-session: 5.6.22 -> 5.6.23 [pfSense]         php56-readline: 5.6.22 -> 5.6.23 [pfSense]         php56-posix: 5.6.22 -> 5.6.23 [pfSense]         php56-pdo_sqlite: 5.6.22 -> 5.6.23 [pfSense]         php56-pdo: 5.6.22 -> 5.6.23 [pfSense]         php56-pcntl: 5.6.22 -> 5.6.23 [pfSense]         php56-openssl: 5.6.22 -> 5.6.23 [pfSense]         php56-opcache: 5.6.22 -> 5.6.23_1 [pfSense]         php56-mcrypt: 5.6.22 -> 5.6.23 [pfSense]         php56-mbstring: 5.6.22 -> 5.6.23 [pfSense]         php56-ldap: 5.6.22 -> 5.6.23 [pfSense]         php56-json: 5.6.22 -> 5.6.23 [pfSense]         php56-hash: 5.6.22 -> 5.6.23 [pfSense]         php56-gettext: 5.6.22 -> 5.6.23 [pfSense]         php56-filter: 5.6.22 -> 5.6.23 [pfSense]         php56-dom: 5.6.22 -> 5.6.23 [pfSense]         php56-curl: 5.6.22 -> 5.6.23 [pfSense]         php56-ctype: 5.6.22 -> 5.6.23 [pfSense]         php56-bz2: 5.6.22 -> 5.6.23 [pfSense]         php56-bcmath: 5.6.22 -> 5.6.23 [pfSense]         php56: 5.6.22 -> 5.6.23 [pfSense]         php-xdebug: 2.2.5 -> 2.4.0 [pfSense]         pfSense-default-config-serial: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-base-nanobsd: 2.3.1_1 -> 2.3.2 [pfSense-core]         pfSense-Status_Monitoring: 1.4.2_1 -> 1.4.4_2 [pfSense]         pfSense: 2.3.1_1 -> 2.3.2 [pfSense]         perl5: 5.20.3_12 -> 5.20.3_13 [pfSense]         pecl-rrd: 1.1.3_2 -> 1.1.3_3 [pfSense]         pecl-radius: 1.2.7 -> 1.3.0 [pfSense]         pcre: 8.38_1 -> 8.39 [pfSense]         nginx: 1.8.1,2 -> 1.10.1,2 [pfSense]         libssh2: 1.6.0_1,2 -> 1.7.0,2 [pfSense]         libedit: 3.1.20150325_2 -> 3.1.20150325_2,1 [pfSense]         isc-dhcp43-server: 4.3.3P1_1 -> 4.3.4 [pfSense]         isc-dhcp43-relay: 4.3.3P1_1 -> 4.3.4_1 [pfSense]         isc-dhcp43-client: 4.3.3P1_1 -> 4.3.4 [pfSense]         ipmitool: 1.8.15_1 -> 1.8.17_1 [pfSense]         gettext-runtime: 0.19.7 -> 0.19.8.1 [pfSense]         filterlog: 0.1_2 -> 0.1_4 [pfSense]         expat: 2.1.1_1 -> 2.1.1_2 [pfSense]         curl: 7.48.0_1 -> 7.49.1 [pfSense]         ca_root_nss: 3.22.2 -> 3.25 [pfSense]         bind-tools: 9.10.3P4 -> 9.10.4P2 [pfSense] Number of packages to be removed: 1 Number of packages to be installed: 1 Number of packages to be upgraded: 63 The process will require 2 MiB more space. [1/65] Upgrading gettext-runtime from 0.19.7 to 0.19.8.1... [1/65] Extracting gettext-runtime-0.19.8.1: .......... done [2/65] Upgrading python27 from 2.7.11_2 to 2.7.12... [2/65] Extracting python27-2.7.12: ..Child process pid=7912 terminated abnormally: Killed >>> Locking package pfSense-kernel-pfSense_wrap... Locking pfSense-kernel-pfSense_wrap-2.3.2 pkg: open(/bin/sh): No such file or directory pkg: open(/bin/sh): No such file or directory pkg: Unable to determine ABI pkg: Cannot parse configuration file! pkg: open(/bin/sh): No such file or directory pkg: open(/bin/sh): No such file or directory pkg: Unable to determine ABI pkg: Cannot parse configuration file!

You really don't want some ancient PC as your fulltime router anyway.

Your thread title is install pfsense on some old pc hardware.. ie running vista.  Then do that!!  Then setup your vpn client in pfsense, then use your old router as your AP.  And then you can policy route whatever traffic you want to use the vpn connection on pfsense, be it wired clients, wireless clients or shoot even inbound vpn clients to your pfsense setup. People on this forum have pfsense, or they going to run pfsense, etc.  While sure general networking questions no related to pfsense come up, shoot even some basic windows stuff like file sharing - mostly because they try and blame their issues on pfsense ;) Routing traffic out via some host on your network from another host on your network rarely going to be a good solution to anything.

Ah, I wish I had realised that you need to be signed in to see the attached files. I just spend about 4 hours solving this problem myself as I couldn't see the attachments anywhere and assumed they were never attached properly. :p Anyway, I had the same issue on an APU2 board with an 8GB SD card from Yawarra trying to upgrade from 2.2.6 to 2.3.1. The fix in the files from Vertec is probably the best approach. but just for completeness I was able to get around this by changing this line: return trim(`/sbin/glabel list | /usr/bin/grep -B2 ufs/pfsense | /usr/bin/head -n 1 | /usr/bin/cut -f3 -d' ' | /usr/bin/cut -d's' -f1`); to: return trim(`/sbin/glabel list | /usr/bin/grep -B2 ufs/pfsense | /usr/bin/head -n 1 | /usr/bin/cut -f3 -d' ' | /usr/bin/cut -d's' -f1,2`); This had to be changed on /etc/inc/pfsense_utils.inc to fix the Diagnostics > NanoBSD page and also in /etc/rc.firmware to fix the upgrade script itself. Fortunately it looks like the Upgrade issue has been fixed. The /etc/rc.firmware file no longer exists after upgrading to 2.3.1 and I have just completed an upgrade from 2.3.1 to 2.3.2 successfully. It actually threw an error saying that it failed but it seems to have worked ok in spite of what the GUI said. I just had a look after the upgrade and the Diagnostics > NanoBSD page has reverted to reading mmcs again instead of the correct slice/device names. I assume that any functions on that page will be broken. The Dashboard also shows the incorrect values in the NanoBSD Boot Slice section. +1 for getting this issue fixed so that SD cards and pfSense can play together. Hope it helps someone save some frustration with their shiny new toy. Lukas.

When I connected to the serial terminal, I saw various disk errors. I did a complete reinstall and restored the backup configuration, and everything looks fine now. Thanks for the suggestion. Meantime, I'll watch the disk to see if this was a software or hardware problem.

https://forum.pfsense.org/index.php?topic=114877.msg638304#msg638304

It was on 2.3, trying to upgrade to 2.3.2. So i dont think it was that old. But why it would just start working without issue? No changes was made in the package either.

@RonpfS: https://forum.pfsense.org/index.php?topic=102470.msg647719#msg647719 Thanks RonpfS

Part of being security-conscious is not just using encryption but keeping the clients, settings, and other standards up-to-date. Over time weaker ciphers, hashes and so on are found to be vulnerable (sometimes in theory, sometimes in reality) so they get disabled. Time marches on. I wanted to keep using SecureCRT so I dropped some cash on a current version and made sure all my profiles had compatible ciphers, hashes, and MACs enabled. Now it's happy (aside from a keyboard-interactive issue in SecureCRT I'm still tracking before submitting a bug report). I bugged them about chacha20-poly1305, AES256-GCM, and curve25519-sha256 and they put in feature requests for them on my behalf. If you're using an older version of SecureCRT because it was the only cracked one available on a torrent site, then I have no sympathy. Otherwise, if you like it, support them and grab an upgrade. It's not cheap, but it's an excellent client with superior session management. I've used it off and on since I was in college far too many years ago. UEX for Linux was using an older libssh but they just put out a beta version that works. Recent versions of PuTTY and Filezilla and others are fine, too. There are wrappers out there that use putty or command line ssh utilities (depending on your OS, things like PAC are interesting), but there isn't much of an excuse to not keep yourself and your infrastructure secure for the sake of ssh clients suffering from bit rot. You might need to clear out older host key fingerprints from your ~/.ssh/known_hosts file if you use a command line client. See here for details: https://doc.pfsense.org/index.php/2.3.2_New_Features_and_Changes#SSH_Daemon

I don't know how the switches are configured. I will reach out to someone who either knows or can tell me how to access the switches. Thank you.

I'm seeing the same thing when trying to go from 2.2.4-RELEASE to 2.3.1.  2.3.1 is what the auto-updater selects even thought 2.3.2 is out there. In any case, updater is pulling from the following location: http://updates.pfsense.org/_updaters/amd64/latest.tgz Manually calculating sha256 on the file gives: 3cc43fbf706e33b25750064c7d1fbbdc77d6675c355d877a4b959cd5d77d9b6e While the latest.tgz.sha256 gives: 12e1e22262f9424324e86c208d7aa741c90d1c79f6120e1b365aa942faebc247 I'm assuming it's safe to proceed with latest.tgz, but wanted to check considering the hashes are there for a reason.

It's either VGA switching to serial or it's not. KVM or direct-attached monitor doesn't matter.

Latest update… Believe I have figured it out, but running some last checks to optimize/cleanup. The problem is that the Routing Tables in AWS need to be corrected, which was not part of the documentation. Briefly, as it stands with v2.3.2, there are Three Problems (but all fixable) when Installing the pfSense AMI on AWS: 1. A LAN Interface cannot be added until the Bug Fix of Disabling DHCP6 via SSH is performed. (See First Post) 2. The LAN INET Firewall Rule is broken, and needs to be fixed by either editing it, for Protocol "any" or deleted and a new LAN Default Rule is created. 3. The Route Table for the Private LAN needs, just a little... just a little explanation of how to get clients to work with pfSense.  The following steps should be part of the Install Documentation: Fixing the Routing Tables In AWS: Go to Services -> VPC -> Route Tables Select the Route which is for the Private LAN.  This will be the one, which has 0 Subnets and Yes for Main Click on the Routes Tab Click on the Edit Button Click on the Add Another Route button For the Destination, enter 0.0.0.0/0 For the Target, click in the field and see if the pfSense instance populates.  --- If so, click on it.  If not, find the Instance ID of the Instance (EC2 Console -> Instances) and copy it.  --- Paste the Instance ID into the Target.  It should then populate.  If not, may need to wait some time for AWS infrastructure to propagate with the newly created instance. Click on Save If there is an Error, in regards of multiple interfaces, then copy the Network Interface ID of the LAN (EC2 Console -> Network Interfaces), which begins with "eni". Insert the LAN's Network Interface ID into the Target Field.  It should then populate. Click on Save Click on the Subnet Associations Tab Click on the Edit Button Check the box for the Private LAN subnet Click on Save AWS Security Groups, may be another item, in which different Security Groups need access to one another. That is to have the Inbound Rules set to All Traffic with the Source of the communicating Security Group.  I have not verified this as of yet.  But as of now, I can have a Windows Client pull Updates and browse to Google… but not Bing... which is weird.... not that it really matters..... but is odd...... Will publish the steps I took in a separate thread, once I clean things up.

I've started to have this same issue and I think the "programming bug detected" started happening at the same time as yours. Did you manage to work out what the issue was? It happens at really random times… sometimes it can goes weeks without issue then experience 2 or 3 of these reboots in 15 minutes! I'm guessing it could be a hardware fault though finding the root cause would be helpful. Thanks Tim

Quality graph is still there, just under monitoring..

Who are these users, are they always the same?  Are they random guests?  What do they need to access while on this wifi?  Is it network resources that are of concern?  What hardware are they connecting to the network with?  Hardware you control or manage or their own? If you have a mix, then yeah multiple wifi networks that have different layers of access to your network or internet.. Would have a network that is from your devices that you manage that can be allowed to access your internal network stuff that they need to access, etc. Then you have a guest network that can use the internet - that would have not access to anything on your network, etc. Maybe you use eap-tls to auth to the normal wifi network, or some other eap that has user name and password even if just peap, etc.  Or sure a nice strong wpa2/aes with a good strong PSK - that maybe gets changed now and then because users leak it out, etc.  Then your guest could be something as simple wide open no auth, or maybe it has captive portal like a hotel, or maybe you use a PSK that is simple to remember and you hand out to your guests, etc.

Thanks now it is updating but i first got this error. –----- Auto upgrade aborted. Downloaded SHA256: 0683264e902d59f7190e71f582d66dbc01382e138d0e632f81dc04cbeb948a3d Needed SHA256: 1a87fd24a383624dd68aec94d100 and when i tried a couple of more times sometimes i got 2.3.1 and some times 2.3.2. but now it is installing 2.3.1.