Silly question:  Are you sure you're assigning WAN to the proper NIC in pfSense?

If I do a fresh install or add hardware on occasion, the NICs show up differently in pfSense. Only by writing down the MAC address of each NIC am I able to correctly reassign them at reboot.

@snm777:

perhaps somehting about the SD cards is similar enough between the nanobsd and FreeBSD

That something "similar enough" is the UFS filesystem with the SU+J disaster "feature". (It was turned off on nano in 2.2.4 because it's completely unusable with slow media.)

Yes, you don't have to use 1:1 NAT from your virtual IPs. However if you have added them for convenience you can override the 1:1 entry with a port forward to change the ports.

Steve

Can you reach the package list fie: https://packages.pfsense.org/packages/pkg_config.10.xml
Can you fetch that file from the pfSense command line?

Steve

Coincidentally, I just did a new lagg+VLANs config yesterday. Works fine. Can't be done from the console. Assign your USB NIC as LAN, configure everything in the web interface from there.

You can reassign VLANs.

@Abhishek:

I am also facing same issue , i kept upgrade at 8Am , now its 04:19 PM  still not upgrade done

That looks like a different issue.  Mine had nothing to do with package reinstallation.

Since you say you remove the graphics card that would imply a desktop or workstation type motherboard. If so check your BIOS to see if it's set to halt on all errors at boot and if so change it to none. I had to do this on my motherboard that wouldn't boot without a keyboard and mouse attached.

Completely flawless update

Thanks for the hard work everyone!

I just changed the setup of the DHCP IPv4 server (running from the default 192.168.1.1 on LAN)
"Gateway" was empty, I filled in "192.168.1.254" and restarted the DHCP IPv4 server on pfSense.

I ripped out the RJ45 from my computer, and put it back in (my PC requested a new IP among others).

Guess what, the IP handed out was the same, DNS was still 192.168.1.1 but the Gateway was … 192.168.1.254  ;D
Yes .. my setup isn't broken - pfSense worked ... again.

just reboot it.

Aha! I did read the release notes before upgrading, but I didn't catch that (assuming you're talking about the forcesync patch for #2401).  I didn't equate "noticable slowness" with "takes forever", but I guess that's close enough. And in reading the bug, I see it's exactly what I'm experiencing.

Thanks for the pointer!

So all of your devices are on same vlan and your switches are interconnected with 1 upstream connection to this router in the mail room, or do all the switches go directly to the uni router?

If you only have one uplink to their router, you could just ask to have this block they gave you routed to you via a /30 or /31 transit network, then all their switches could maintain their same IP and you would just have pfsense as firewall between their network and the yours.  You could then allow them access to the IPs the switches are on and all your devices could maintain their public IPs you would just allow traffic at pfsense.

Or you could nat off your network yes, you could then change all your switches to your private network and port forward to them via a public IP you put on pfsense wan.  Since you had a whole block to use.. You could the same switches IP and just forward to the new private IPs of the switches.

The routed network is the cleanest option if you ask me.

Your other option - which I don't like but would be to setup pfsense in transparent mode and bridge.  I would not recommend this option, but this is another way for you to leave all the ip addressing the same on your devices and their switches while still giving you a firewall between their network and yours.

As to learning pfsense – just connect pfsense to one of your switch ports.  Put another switch behind it connected to pfsense lan interfacde and play with putting some devices behind pfsense.  This would be a mini version of option 2.

@cmb:

Given that, it seems likely it's a hardware issue. Where it's a software issue, generally you'll find other reports via Google of similar backtraces, or within our crash reports.

Yeah I would have expected hardware except this box has been a rock for 6 months now running pfSense, so I'm not sure what to think.  I would have used the cosmic ray excuse, but it's a Xeon E3 machine with ECC RAM.  It's behaving itself now so I'll just assume it wanted attention.  ;D

Same here…I've traded out NIC cards, drives, reloaded PFS a few times and an entirely new box.  I'm using Neoware Thin Clients with a 4GB DOM, 1GB of RAM, 1Ghz processor and Intel dual NIC.  I'm installing PFS 2.2.4  I've got this working on a few other Thin Clients with the same config but they were upgraded not freshly installed.
Eventually it passes the "Configuring LAN interface…Starting DNS Resolver..." but it takes a very long time (up to an hour).

kingsz1- Did you figure this out or are you using the kind of hardware I am?  What was the solution?

Anyone else seen this or have any suggestions?

@doktornotor:

If there was a working fsck, the journaling would help with some cases of unclean unmount/hard reset. Sadly, the fsck is totally borked and produces a giant kaboom in that case.

Only with crap flash (though it's certainly very bad in that case). On a SanDisk CF in an ALIX, and a SanDisk SD in an APU, they survived a thousand power cycles each left rw mounted, SU+J, with some writing happening when power was lost.

I took an affected CF card that fsck couldn't fix, dd'ed it to an img and booted it up in KVM, and fsck cleaned it just fine. Same when dd'ing it to another CF, was fine. Something screwy going on there with the problem flash, but didn't bother digging any further after confirming it doesn't happen minus SU+J.

It is upgraded to 2.2.4 and I've had this issue upgrading from a new install at 2.2.2 to both 2.2.3 and 2.2.4.  I'm wondering if it has something do with the suricata package, that package disappears and has to be re-installed (it remembers settings but doesn't show up as installed).

@neonflx:

Im done a fresh install of pfsense 2.2.3 the issue I'm having is that while I'm pulling and ip from my ISP on the WAN side and i can access the pfsense web interface I can't access any website, connection is listed as limited on windows machine, also my ununtu box is the same.

If I use just my wireless router without pfsense everything works fine, note that the I have tried just the pfsense box with wan to isp and lan directly to my computer bypassing the wireles router and switch and still the same, also when i use the wireless router has dhcp disabled an just act as AP.

The same box used to worked flawlessly in the same house and same provider a year ago, then I went to Korea for a year and just got back and having this issue.

Any suggestions would be appreciated.

Thanks

I have same problem like you. Here how I fixed it.
Go to Interface - WAN - Uncheck Block private networks.
Go to Services - DNS Resolver - Check Enable Forwarding Mode.

Make sure everything else is default.