try this : pf2ad.mundounix.com.br/pt/index.html

OK, thanks for the info. Just had to force another reboot this morning. They never hang at the same time, so it can't be any cron-jobs at least. Will try to clean install 2.3.1 and see if this helps. These units have been around for a while and been updated over and over since 2.1-ish something, but only been on the stable releases. No other errors reported (SMART for example, they have 16GB SSD cards installed). /Mattias

its an old 6 port 'router' … ok, i was able to disable my old nic interfaces (the gigabit are still active) and retried. now im getting some vm_thread_new;kstack allocation failed.... panic.... doesnt sound good... (update: i used the extra boot options like safe  mode etc) the good thing is freebsd10.1-mini_usb does launch correctly. i get the root prompt and my nics are recognised [image: boot_halt.PNG] [image: boot_halt.PNG_thumb]

Thats very interesting: I seem limited on what I can include on the vpn settings, route-nopull seems not to be liked by sever and fails connection. firewall and NAT seem ok - well everything allowed - maybe I need stated destination and source - was just relying on letting everything pass thru I have tried using a vlan tag for the other routes but when tagged on the Unifi AP that ssid fails to connect and the AP eventually becomes unstable, so a bit stuck now. Can you elaborate on your settings?

Yes. Think of it as 2.3.0_1 and 2.3.1. There may be a 2.3.1_1, in which case you may or may not need a reboot. 2.3.2 will. Here is a comment by cmb about noting which upgrades will or will not need reboots: https://www.reddit.com/r/PFSENSE/comments/4jz1fb/231release_now_available/d3dmniu

I upgraded three systems to 2.3.1 that had quagga (four really, one was an HA cluster) and all were fine. Check to see if it's already running: : ps uxawww | grep quagga If you see it running, kill it and also rm /var/run/quagga/* And then restart from the GUI. If it's not running, try just the rm.

Thanks, Finally gave up on the nano install -went to full 2.3.1 Was seeing a lot of re boots caused by unplugging LAN and connecting APs which has stopped now - still got problems which will need separate post.

Found a workaround overnight. Looks like I can add: vfs.root.mountfrom="ufs:/dev/ada0s1a" To my /boot/loader.conf file and it'll now start after every reboot without additional input from me. To those in the know, do I also need to add this command to /boot/loader.conf.local as I'm sure I read somewhere that the loader.conf file can get wiped out by updates, wheras the .local one doesn't? Thanks!

Thanks all, i'll have a go at that.

@cmb: @mudmanc4: Interesting how this just started to be noticed in the logs. Or no one has bothered to look before now in this scenario. Before 2.3, the 404 logs from the web GUI's web server went to /dev/null. So I'm sure it was happening for quite some time, people just didn't have the logs to notice until more recently. That would explain it now. Thanks CMB

Your more than welcome - any time.. It was my pleasure to contribute and make your day that just much brighter.. Where is my thank you?? ;)

@cmb: The issue in #6296 with SMP and IPsec is 100% confirmed fixed by many different people in many circumstances. Any issues with 2.3.1 would be something different, and needs troubleshooting. No one else has reported any such issues on 2.3.1 (note that's not 2.3_1, 2.3.1 from this week). I wouldn't advise disabling cores for any reason in 2.3.1 at this point. Ideally a dump from status.php if you can get to the GUI at the time would help. If not that, seeing the output of 'top -SH' might be at least somewhat telling. cmb, Thanks for the info. I will see what I can do but these are production systems with little tolerance for downtime. If I get a chance to I will try to test again. status.php is pretty cool, I had no idea this existed. Thanks

Tried upgrading several times from 2.3_1 to 2.3.1 via the web gui and it fails.  Also tried from SSH. Via SSH I get :- 72 MiB to be downloaded. Locking package pfSense-kernel-pfSense_wrap… Locking pfSense-kernel-pfSense_wrap-2.3 Then it returns back to the prompt.  After rebooting, I'm still on 2.3 This is on an ALIX 2C2.  I also tried manually copying the boot slide from the NanoBSD menu - same issue.

As to the /32 - well it has to default to something.  So it could be either a non viable option like select me I guess, or some other mask.  What do you feel should be the default mask?  /24 - while that might be common on a lan side interface, normally that wouldn't be correct for a static wan..  I would guess something smaller for a common public IP range. When setting a static IP it would seem realistic to expect the person setting it to validate they are are indeed setting the correct mask for their use ;) Glad you got it sorted..  I would assume you can query your campus ntp via unicast as well, and not just rely on broadcast.  I don't see a way in the gui to select broadcastclient mode.. Guess it would always be viable to edit the ntp conf directly vs using the gui, but this is normally not a good idea.  Such edits don't normally survive service restarts unless you edit the actual pfsense files that start and stop the services - which these do not survive updates to pfsense, etc. Would seem odd they would only provide broadcast as a means of sync to ntp.

I saw the factory 231 images are there now.  :) I decided to pave my homelab system and install a fresh factory 231 on it.  Prepped a fresh USB drive and dd 'd the image on there.  Took a backup of my system and then rebooted into Install mode.  A few Next, Next, Nexts and a reboot, assigned my interfaces and restored config. Only "glitch" was after the reboot, when I logged in I still had the "Community Edition" logo in the corner.  A CSS refresh fixed that.  Pretty smooth!

I appreciate that themes change, but I feel there must be some means of differentiating between alias and non alias fields. Maybe a thin red border around the field would be nice? This! :) I very much growed accustomed to the form field indicating the use of aliases in the right places. I also cheered at the new UI and things like those comment lines in rules - really great! - but I miss the fields indicating the use of aliases, too. Now it simply isn't clear where you can or can't use aliases. Also, I didn't understand, why you can use aliases in Port Forwards or even Outgoing NAT rules, but not in 1:1 BiNat mappings. Doesn't make sense, as PF uses very similar rules to create those mappings where you can indeed use aliases. As for DHCPD, OVPN et al, that sure would require a little bit more programming though, but inside the same "application" (like PF) it shouldn't be a great deal to consistently use them. Greets and thanks to the devs! Jens

…and there it goes. Up and running, thanks all. Now I just need to learn how to use it ;)

Same issue here, I'm doing a clean install right now. I had no issues for years and 2.3.1 just killed my box.  :(

upgraded from 2.3 to 2.3.1 and only lightsquid_web wouldn't start upon reboot.  Searching threads, uninstalling/reinstalling solved that.