I upgraded the slave to 2.2.6, and then I realized there were two IPSec aggressive tunnels (only one of them came up).  All of the main mode tunnels came up OK. I switched back to the master running 2.1.5 and switched the 2 aggressive tunnels to use OpenVPN instead.  I then switched back to the slave and everything came up OK. However, now on the slave running 2.2.6, when I click on the 'e' to edit any Phase2 it always takes me to a blank Phase2 screen instead of the correct Phase2 screen for this tunnel. No matter what Phase2 I try to edit it aways takes me to URL:  https://xxx.xxx.xxx.xxx/vpn_ipsec_phase2.php?p2index= This is a blank Phase2 screen with LAN subnet, a blank remote network, AES=auto, SHA1, PFS off, 3600 settings. Even if I try to put in a correct URL: https://xxx.xxx.xxx.xxx/vpn_ipsec_phase2.php?p2index=2 it still takes me to the exact same blank Phase2 screen. I exported the config from the slave and imported it into two other 2.2.6 routers, and the same blank Phase2 screen problem happens on them as well.  Importing the old config from when the slave was running 2.1.5 works fine, and displays Phase2 screens OK. Did my config get poisoned somehow during this process?

@Valex: Just installiert the actual image from the USB drive, import the configuration and everything should be fine. Trim needs to be enabled in the GUI. Thank you. Where in the GUI do I enable TRIM?

Ran into the same issue on a fresh install of 2.2.6.  Appears to be a bug with the integration the of DNS Resolver Unbound - OR another DNS server on your network (was not my case).  I reinstalled 2.2.6 several times with no devices attached to the router and received the following similar message after first initial boot. Under your System Logs: General image, item 21 (5 up from the bottom), notice the following error: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1453028981] ... error: bind: address already in use [1453028981] unbound[54500:0] fatal error: could not open ports' If you want to resolve DNS you will have to Disable DNS Resolver (Unbound) and Enable DNS Forwarder (dnsmasq).  After that you should be fine.  I hope this gets resolved (no pun intended) soon.

Thanks Guys ! That was it ! i've installed the nanobsd version and it wortks fine.

I'm having the exact same issue on a fresh install of 2.2.6: [2.2.6-RELEASE][admin@pfSense.kuriyasu.home]/root: dmesg |grep re0 re0: <realtek 8111="" 8168="" b="" c="" cp="" d="" dp="" e="" f="" g="" pcie="" gigabit="" ethernet="">port 0xe000-0xe0ff mem 0x81204000-0x81204fff,0x81200000-0x81203fff irq 18 at device 0.0 on pci3 re0: Using 1 MSI-X message re0: ASPM disabled re0: Chip rev. 0x54000000 re0: MAC rev. 0x00100000 re0: Unknown H/W revision: 0x54000000 device_attach: re0 attach returned 6</realtek> I tried compiling the the if_re.ko module on a FreeBSD 10.1 box and moving the file over to /boot/kernel and loading it manually, but it appears the module is compiled into the pfSense kernel already: [2.2.6-RELEASE][admin@pfSense.kuriyasu.home]/boot/kernel: kldload if_re kldload: can't load if_re: module already loaded or in kernel Any help would be appreciated.  I'm using other NICS currently for LAN/WAN, but would like to be able to use the built in NIC as a dedicated management port.

@stephenw10: Not helpful when you can't access the webgui.  ;) You could maybe edit the config file. There's probably a way to do this from the developer shell, but I'm not sure what it might be. You can probably do it temporarily from the command line. Something like: ifconfig ue1 -txcsum -rxcsum I imagine that will get reverted when the config is reloaded though. Steve I happened to be doing the exact same config (Love the Intel NUC!!!).  I was also using two USB NICs, and had the exact same issue.  Disabling checksum offloading as show above fixed it!!!! Thank you!

@Derelict: You might have a look at the build process and see what it does to create the ISOs. I was thinking that would be last option. Is it appropriate to move this question to the development section?

If you are not using the ATA/IDE controllers that are freaking out you might try disabling them in the BIOS.

I changed the router Simple home router At the moment the files downloadind Although very slow (50 - 200 KB) so it says but is download more slow like 10 to 30 KB But downloadind I do not know if this is related But about a week before beginning this problem I upgraded my internet line From Adsl 10 MB to Vdsl  40 MB Could it be that something should be adjust for this ?

After installation of pfSense reassign the interfaces, log in to the GUI and stop the wizard by klicking on the pfSense logo. Got to "Restore" and load your config. Should reboot and subsequently start to install your packages (some do not install automatically, just install them manually). Should be done… ;-) Or you take the fresh installed CF/SSD/HDD to your BSD computer and copy over the config directly. Afterward put it into your router and boot directly with the config in place.

Maybe this might help? Just one of hundreds of how-to's and videos on this particular topic. Https://www.youtube.com/watch?v=pW99TOu6Hes

Try checking your card against the HCL here: https://www.freebsd.org/releases/10.1R/hardware.html

it is better to run dhcp on your AD, since it helps in the registration of clients in dns.. Or can be setup too, etc. To be honest if your running AD, use pfsense as its primary function routing/firewall..  Stuff like dns and dhcp, ntp are all just bells and whistles for a site that doesn't already have those things taken care of.  If your running AD, that is where those features should be setup. And yes you need to make sure your AD is setup with good time source, pfsense could be that sure.  But your going to want to let your AD members sync to AD - once you have setup AD correctly, etc.. You can setup your AD dns to forward to pfsense, but all clients in AD should really point to AD for dns.. Then your AD either forwards or resolves stuff that it is non authoritative for, like pfsense.org, google.com

I couldn't find anywhere else to get an answer to this, but you are doing what I'm curious to try. I would like to know if two Intel SSD's (the support TRIM) are able to be used in the softraid 1 (The option the pfsense installer gives) with TRIM enabled? It seems as though TRIM gives them longer life, and RAID firther extends system uptime. I wouldn't want to throw dual SSD's in a system only to find that TRIM can't be enabled and they would have shorter lifespans that a single one! Thanks for any heads up or help you guys can give.