@stephenw10:

There's no package manager if you're running the live-cd by mistake.  ;)

…  ;D ;D ;D

I'm not suggesting your should wait for anything. What I'm suggesting is that when you plop 64bit on the same inadequate HW there's absolutely not gonna be any improvement regarding performance. Saying that 32-bit pfSense 2.2 on 1GB RAM is unuseable is a non sequitur.

LAN and WAN are in the same 192.168.1.0/24 subnet. That does not work.
When plugging a system into an upstream private network for testing or whatever, make sure to first change the LAN IP/subnet to some private address space that does NOT overlap with what the WAN DHCP is about to receive.

Ok, its ok now. it was a download problem.

@hayedid:

Sure, triple NAT may not be a perfect plan, but shouldn't it work?

It should, theoretically. Some services have a hard time with multiple layers of NAT but most stuff works fine. The fact that yours didn't implies one of your devices was doing something wrong almost certainly the Asus since switching that to AP mode fixed it. Handing out the wrong gateway, incorrect subnet mask, bad route, it could be many things. Running it in access point mode is much better though.

@hayedid:

I really need to be able to see and login to my modem and router.  If they are in bridge mode, I lose that ability.

You can still access the Asus in access point mode. Often you can still access an upstream router in 'modem' or bridge mode by using an additional IP on the WAN. See:
https://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall

@hayedid:

Incidentally, I did turn 'Block Private Networks' off since my modem is not setup in bridge mode.  Does this open me up to any additional hacking?

No. Everything from WAN is blocked by default anyway. That settings only serves as an additional block if you have a public IP on WAN. You should never see private IPs on the WAN in that situation so anything that arrives from a private address must be bogus and should be rejected even if you have port forwards set up.

Steve

Check this out

https://forum.pfsense.org/index.php?topic=87280.0

Yeah, at the very least tell use what NICs you have so we can point you at some appropriate tweaks.

Steve

@stephenw10:

Good call. Be aware that you can easily make a mistake hand editing the file though.  ;)

Trying to restore a complete config file that references packages onto an install that doesn't can have interesting results. I've tried that and it resolved itself OK but there were worrying looking errors. Whilst you can choose to restore individual areas on the config file there's no option to restore everything except packages. So you can restore each area individually but that's not a good idea if the config file version doesn't match the install. You can load the packages you had before. You can edit out the packages section. You can make a backup of the config file without the packages section but that requires some forethought!

Steve

Actually I didn't notice the checkbox for backing up without package information.
That will work perfectly.

Plus I can do two, one with and one without and see if there's anything specific I'd want to save.

NO, as Steve pointed, only x86 HW is currently supported

After resetting the BIOS to the default settings twice, I got PFSense to boot correctly. Tomorrow I will go back into the BIOS and disable the non-essentials and hope for the same results.

Thanks everyone for helping me out with this. Hopefully I won't run into any more issues.

Yep - Thats a pretty normal fix.

You might also want to check the pcengines forum. I seem to recall I have seen some issues with missing smd coil on one of the interfaces, rendering it non-functional.
If you need that port, and the bios update recommended by Steve does not help, you might have to claim warranty…

edit: found the topic again : http://www.pcengines.info/forums/?page=post&id=7DA1FA61-80A9-427E-BE14-0196B18F82AD&fid=DF5ACB70-99C4-4C61-AFA6-4C0E0DB05B2A

Ah right. Yep definitely build it against FreeBSD 10.1 or at least take the binaries from a 10.1 package.

Steve

Same here but using Hyper-V. Ore you using OVH by any chance?

HA!

Look at the big brain on doktornotor!!!!

That was it!

thanks!

shark.jpg

Moving stuff around in the menus (even when it makes sense) will generate comments! However a link on the Diagnostics > Backup/Restore page so it's obvious there's more than one place to look seems like a good idea.

Steve

@Escorpiom:

Config backup and restore will be no problem I presume.

Yeah your backup config will be fine, none of that hurt anything in the config itself.

Just did a fresh install of 2.2 64-bit on a new pfsense box for my lab. It's installed on a 128GB Samsung 840 Pro SSD. I don't use squid or any disk write intensive plugins, and that SSD is supposed to be pretty rugged but I thought I'd enable trim just for my own peace of mind.

I was able to get trim enabled by booting into single-user mode and issuing the commands as detailed in a post on another thread:

/sbin/tunefs -t enable /
/sbin/reboot

…and then verified it after rebooting:

[2.2-RELEASE][root@pfsense.<my domain="">.com]/root: tunefs -p /
tunefs: POSIX.1e ACLs: (-a)                                disabled
tunefs: NFSv4 ACLs: (-N)                                  disabled
tunefs: MAC multilabel: (-l)                              disabled
tunefs: soft updates: (-n)                                disabled
tunefs: soft update journaling: (-j)                      disabled
tunefs: gjournal: (-J)                                    disabled
tunefs: trim: (-t)                                        enabled
tunefs: maximum blocks per file in a cylinder group: (-e)  4096
tunefs: average file size: (-f)                            16384
tunefs: average number of files in a directory: (-s)      64
tunefs: minimum percentage of free space: (-m)            8%
tunefs: space to hold for metadata blocks: (-k)            6408
tunefs: optimization preference: (-o)                      time
tunefs: volume label: (-L)

Many thanks to posters on the 2.1 SSD trim thread, and big kudos to Chris and the pfsense team. This is one solid product that I've used for many years without a single glitch and which I've recommended over and over.

Hope this helps.</my>