@stephenw10
Thanks for the guidance Stephen. I’ll give that a try.

Did you try installing FreeBSD 15 to check for some upstream issue?

Indeed, where is it failing for you? What hardware are you running on?

Yup a clean install and restore will always work. Having that prepared and available is always a good idea.

@Finger79 I reinstall from scratch using 2.8 after disabling WIFI in the BIOS. Hopefully the bug is fixed in the near future.

Yup that^. Enable the CE repos in the first install step.

Or if you send me your NDI in chat I can remove it from the list. That would be permanent though.

@Finger79 said in Is GELI FDE option not part of the Netgate Installer 1.0RC?:

Hope that helps. But yeah, in the future I'll also have more VPNs set up, and I'd like those private keys protected.

In a business or enterprise environment, there is much more robust physical security. In a residential setting with people who help themselves to my personal belongings (and then lie about it), my trust can't be that high, so I have to control the things within my control until I can move out to safer pastures.

OK, I understand. 👍 Sorry!

You
Are
A
F*****
LEGEND !

Ah, OK. It doesn't expose the boot partition via GEOM. That's why the script shows it can't find it.

OK lets see what we can do here....

I had the same issue with pfsense 2.7.0 not seeing any updates to 2.7.2 even if i double check the base version etc...

certificate rehash and update from shell seems to work.

i also had the bad gateway error, and the only workaround is to restart the system or reload web config from console.

@patient0

perfect, thanks so much, up and running with 2.8!

@stephenw10 thanks a lot. my pfsense is now pinging quad9 and now everything is working. 👍🏻

@Finger79 said in Error using the Netgate installer on a new install on an HP t740 thin client PC [Solved - Intel WLAN]:

FreeBSD doesn't like HP eMMC storage is outdated

Make sure that you check the eMMC health regularly (pfSense: Troubleshooting Disk Lifetime: eMMC).

ZFS does write a lot more and there are a few threads here about Netgate devices with eMMC that failed quite early. UFS is better in that regard.

How-to for reducing disk writes pfSense: Troubleshooting Disk Writes.

@NOCling said in Separate file system (and pool) to isolate the logs, to not compromise the operating system !:

If you want to analyse Firewall Logs in a large environment, you need a external Syslog server.

You will not drop hundrets of GB Logs on a Firewall a start parssing thorugh there.

I more than agree with You strategically! We using external syllogism node, of course, Thank You!

But I am asking particulary about how to isolate the logs on the pfSense node.

Let me drop 5 cents about logs aggregation and analysis:

You will run a Graylog or other elastic seaech driven stuff to look into.
Search just the 1 line in a 40GB dayly log is no fun.

Of course, if You using Elasticsearch - even 10Gb / day would need a lot of resources on a separate node.

I recommend You using “ClickHouse + Vector.dev + Redash” instead than stack “Elastic Search + FluentD + Kibana” (or Elasticsearch + anything”): at initial point this give You superior (7-10x) better data compression, write optimization and on 1/3-1/4 less hardware resources. Operations like COUNT, SUM, and AVG over billions of rows execute 10-100x faster in ClickHouse compared to Elasticsearch….
And of course, better horizontal scaling with good consistency.

Hmm, so it can't pull stats data from Unbound at that time. It must be very highly loaded.

I would try turning up the logging. It will probably create a very large ammount of logs.

You could also check the states or run a packet capture to try and see what the traffic spike is.

Also check the number of states shown in the monitoring graphs. Does that also spike at the time?

@Gertjan thank you for the advice, yes, 24.11 it is available, seems that it was a hardware issue.

I As far as I know we never managed to replicate this. I upgraded 4200s many, many times during testing. And since then thousands have been upgraded in the field.

I still have no idea what could cause this. Upgrading at the console is the same process at the backend. 😕

Could be exhausting the RAM perhaps?

Anything in the system log after doing that?

I assume you don't have any recent snapshots in Proxmox?

@Hoserman7632 I finally got it to work. My Error, I named the Config file on the USB incorrectly.