I am assuming that this is a BIOS issue, as I have had this work on other machines.

You're making an issue for yourself, something that works for hundreds of thousands of us, usng pfSEnse, doesn't work for you.

As the mentionned "gateway-on-lan issue", totally not existent, even when looking it up in Google, but suddenly present on your system, this is pretty much the same thing.

Static DHCP leases are setup in pfSense. Handle them, like creating, modify, delete them in the GUI, and all is well.
There is no need to wipe some hiding database (btw : Google knows where this 'database' is, as soon as you use the correct word: config.xml).

For some reason, most of us do not use a power-backup supply (UPS) for our pfSenbse boxes, and still things work very well. And yes, you are not the only one with power failures.

So : the good news is: there is no problem.
And if there is one : you made it up yourself, so : remove it, and you're ok ;)

edit: using a static IP on the client (PC) which fells out of the network mask of pfSense will break the connection, that is normal.

Some Windows clients try to muck around with CR/LF if they think they see any ASCII character.  Check for an option to download as a binary file.

The pfSense default is 115200 with 2.2.x. The Alix BIOS default isn't 9600 either, but rather 38400, IIRC. Fix your settings to match everywhere.

If you rule out the low hanging fruit, the next thing is drivers, memory, or harddrive issues corrupting data.

(1) Should a full install be done on the M.2 (and leave the emmc as a fallback)?

This would be the most and common installation method, full install on a SSD/mSATA/M.2 but
the full installation can also be done on the eMMC storage because it is predestinated for many
read/write cycles without failures. So if the nor SquidGuard are not really needed it would be
also a really gain for many update / upgrade procedures.

Yes, as noted above, booting the ISO doesn't work. None cares at FreeBSD land.

I gave up on this once I took a look inside the memstick image and compared it to the upgrade image.  the memstick contains an ISO, the upgrade contains a tar image of a viable filesystem.  I had a known working  memstick available, so I slicked the box and reinstalled that way, then added back my config file and was on my way.

of course reverting that way doesn't scale, you need local access.  I did figure out where to upload a backup to have it recognized in the web ui, but wasn't sure if trying to roll back a release would succeed from that route.

@dillstone:

We've got several of the netgate 2g and 4g nano installs. I haven't been able to get any of them to upgrade directly to 2.2 or 2.2.4 from 2.01 and 2.03.  I've been having to take a spare firewall and configure it, and then swap or crack the case with a pre-imaged CF. The auto-upgrade gets stuck looking for the root device and I've poured over this and other forums trying to figure out why. I haven't tried slow-stepping up the upgrade like you mentioned.

Interesting, I have a spare unit too, I'll try the direct jump on this to 2.2.4 and see what happens, does yours allow you to revert back to 2.0.1 in case of a failed upgrade ?

I managed to get growfs to actually operate correctly without giving me a "Operation not permitted".
Primer:
Running 2.2.4 4G nano on 32 GB CF card

I had to umount /dev/ufs/cf  . Once I did that I could run growfs with no error

Thanks for all the input guys.  First of all, I'm not sure what brand the router is. It was sold as a generic on eBay.

It came setup and included a cable for serial communication. I confirmed it was a cross over cable by checking the pins.  I have reached out to the seller and he has not responded. I think I'll just open a ticket with eBay.

Thanks again for all your help guys. You have been super in my humble opinion.

Router.JPG
Router.JPG_thumb

@muswellhillbilly:

It's best to remove any installed packages before upgrading and re-install afterwards.

https://doc.pfsense.org/index.php/Upgrade_Guide

One suggestion would be to build a separate, upgraded machine, restore your base config to that (without packages). Then install and configure Bind and pfBlocker and swap the machines over when you have a moment of agreed downtime.

Thank you for the link. I seemed to miss that bit. In the past the auto-upgrade 'just worked' and I wrongly assumed that'd be the case here given the upgrade was a low risk.

@dotdash:

Go to diagnostics, backup/restore and clear the package lock. Then go to system, packages and re-install any broken packages.

This worked! Thank you.

NOYB, I got it. I just needed to translate it to the Zyxel interface. You were very helpful and extremely clear. Thanks

Usually these types of boot errors are due to computer BIOS issues.  If there is nothing for you to change then you are out of luck.  Try a different PC.

@Ryu945:

Kingston

If you want to play it safe, I'd go for the second choice. That way you have a rollback option if the new hardware gives you any grief.

You can backup the IPSEC part of the config, modify the XML for each site and restore it to each box.

I too had an issue with installing pkg. Turns out I was just impatient and terminated the job before the update could complete. I just had to run a "pkg update -f" to get the info from the repo, then I could ACTUALLY see the packages available. HOWEVER, I am running into an issue where I dont have enough free space on a brand new installation (using stock 1gb card). Literally need 1mb to download flashrom package. Any way to allocate the remaining space from /cf to rootfs? All I need to do is flash the bios so I can use the hdd I have laying here, but it wont boot without the bios being updated iirc.

edit

Guess I should specify that I am running on a Watchguard XTM 5 series Firewall with upgraded CPU/Ram.

edit2

Re-wrote the image to the CF card and installed flashrom first off, went without a hitch.