• Ping to WAN or LAN fails (pfsense 2.3)

    18
    0 Votes
    18 Posts
    6k Views
    C
    @Gadmin: I see that 2.3.1 is released. Will this update solve the problem Yes, 2.3.1 and newer fix that issue.
  • Eta 2.4 snapshots?

    2
    0 Votes
    2 Posts
    702 Views
    dennypageD
    Now that's funny right there. :)
  • Upgrade to 2.3.1_1 : serial terminal disabled

    8
    0 Votes
    8 Posts
    1k Views
    C
    @xhark: OK, so I understand it was a bug and now a normal operation ? Could you please precise the id of the bug that you fixed ? https://redmine.pfsense.org/issues/6120 the scope is potentially wider than just what's described there, but the root of it is your configured console settings weren't always applied. You're not configured for a serial console. So now it is applied correctly. Enable the serial console, and it'll be applied correctly as such.
  • 0 Votes
    1 Posts
    742 Views
    No one has replied
  • Error going from 2.3 to 2.3.1_1

    7
    0 Votes
    7 Posts
    4k Views
    K
    I've had a couple of issues trying to upgrade my pfSense installation from 2.3 to 2.3.1_1 on Hyper V that sound similar to this issue. At first, my original installation would simply break when the update was applied in a completely repeatable manner (restore the VM from backup, rinse, repeat). Basically, I would update using the standard update feature in the UI, which would download, install, then reboot the system. At that point it'd install a couple more things, then continue to boot up the point where it said "Configuring WAN interface…" and immediately reboot. At that point it would then display a bunch of things after the boot prompt and "BTX halted" (as attached). At that point, I thought that it'd be a good idea to simply start fresh, so I made a config backup in the web interface and created a whole new VM and installed 2.3.1 on it from scratch. What I found was that I could successfully update it to 2.3.1_1 after making the minimal configuration required to get it onto the Internet, but if I tried to restore my config.xml file prior to upgrading, then I'd have issues during the upgrade process similar to the above (with the same "crash" at "Configuring WAN interface…" and reboot after installation), although it would at least attempt to boot the system, but with various issues (which seemed to change each time I tried it). For example, here is an excerpt of the console I captured while booting one of these attempted upgrades: KDB: current backend: ddb Copyright (c) 1992-2016 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 10.3-RELEASE-p3 #2 1988fec(RELENG_2_3_1): Wed May 25 14:14:46 CDT 2016     root@ce23-amd64-builder:/builder/pfsense-231/tmp/obj/builder/pfsense-231/tmp/FreeBSD-src/sys/pfSense amd64 FreeBSD clang version 3.4.1 (tags/RELEASE_34/dot1-final 208032) 20140512 CPU: Intel(R) Xeon(R) CPU E3-1230 V2 @ 3.30GHz (1664.84-MHz K8-class CPU)   Origin="GenuineIntel"  Id=0x306a9  Family=0x6  Model=0x3a  Stepping=9   Features=0x1f83fbff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse,sse2,ss,htt>Features2=0xfe982203 <sse3,pclmulqdq,ssse3,cx16,sse4.1,sse4.2,popcnt,aesni,xsave,osxsave,avx,f16c,rdrand,hv>AMD Features=0x20100800 <syscall,nx,lm>AMD Features2=0x1 <lahf>Structured Extended Features=0x200 <erms>XSAVE Features=0x1 <xsaveopt>Hypervisor: Origin = "Microsoft Hv" real memory  = 536870912 (512 MB) avail memory = 478343168 (456 MB) ... SMP: AP CPU #1 Launched! Timecounter "Hyper-V" frequency 10000000 Hz quality 10000000 Event timer "HyperV" frequency 10000000 Hz quality 1000 storvsc0 on vmbus0 storvsc1 on vmbus0 da0 at blkvsc0 bus 0 scbus1 target 0 lun 0 hyperv-utils0 on vmbus0 hyperv-utils0: Hyper-V Service attaching: Hyper-V Heartbeat Service da0: hyperv-utils1 on vmbus0 hyperv-utils1: Hyper-V Service attaching: Hyper-V KVP Service <msft virtual="" disk="" 1.0="">Fixed Direct Access SPC-2 SCSI device da0: 300.000MB/s transfershyperv-utils2 on vmbus0 hyperv-utils2: Hyper-V Service attaching: Hyper-V Shutdown Service hyperv-utils3 on vmbus0 hyperv-utils3: Hyper-V Service attaching: Hyper-V Time Synch Service da0: Command Queueing enabled hn0: <synthetic network="" interface=""> on vmbus0 da0: 5120MB (10485760 512 byte sectors) hn0: unknown status 1073872902 received hn0: hv send offload request succeeded hn0: Using defaults for TSO: 65518/35/2048 hn0: Ethernet address: 00:15:5d:00:04:17 hn1: <synthetic network="" interface=""> on vmbus0 hn1: unknown status 1073872902 received hn1: hv send offload request succeeded hn1: Using defaults for TSO: 65518/35/2048 hn1: Ethernet address: 00:15:5d:00:04:18 hn2: <synthetic network="" interface=""> on vmbus0 hn2: unknown status 1073872902 received hn2: hv send offload request succeeded hn2: Using defaults for TSO: 65518/35/2048 hn2: Ethernet address: 00:15:5d:00:04:19 hn3: <synthetic network="" interface=""> on vmbus0 hn3: unknown status 1073872902 received hn3: hv send offload request succeeded hn3: Using defaults for TSO: 65518/35/2048 hn3: Ethernet address: 00:15:5d:00:04:1a Trying to mount root from ufs:/dev/ufsid/574a68fd984d1bc6 [rw]... May 29 15:48:35 init: login_getclass: unknown class 'daemon' May 29 15:48:35 init: login_getclass: no default/fallback class 'default' Configuring crash dumps... Filesystems are clean, continuing... Mounting filesystems... rm: /conf: Read-only file system ln: /conf/conf: Read-only file system     ___ ___/ f \ / p \___/ Sense \___/  \     \___/ Welcome to  2.3.1-RELEASE on the 'pfSense' platform... rm: /COPYRIGHT: Read-only file system rm: /bin/cat: Read-only file system ... /etc/rc: cannot create /dev/null: Operation not supported Creating symlinks...ln: /tmp/tmp: Read-only file system rm: /tmp/config.cache: Read-only file system rm: /tmp/config.lock: Read-only file system rm: /tmp/mnt/cf: Read-only file system rm: /tmp/mnt: Read-only file system rm: /tmp/php_errors.txt: Read-only file system ..cp: /dev/null: No such file or directory ./etc/rc: cannot create /dev/null: Operation not supported done. /etc/rc: /usr/local/sbin/-upgrade: not found /etc/rc: cannot create /tmp/php_errors.txt: Read-only file system /etc/rc: cannot create /dev/null: Operation not supported Launching the init system...rm: /cf/conf/backup/backup.cache: Read-only file system done. Initializing.................. done. Error: cannot open dmesg.boot in system_dmesg_save(). cannot create /dev/null: Operation not supported cannot create /dev/null: Operation not supported Starting device manager (devd)...done. Loading configuration.....PHP Fatal error:  Call to undefined function xml_parser_create() in /etc/inc/xmlparse.inc on line 205 Fatal error: Call to undefined function xml_parser_create() in /etc/inc/xmlparse.inc on line 205 PHP ERROR: Type: 1, File: /etc/inc/xmlparse.inc, Line: 205, Message: Call to undefined function xml_parser_create()Starting CRON... /etc/rc: cannot create /dev/null: Operation not supported done. fcgicli: Could not connect to server(/var/run/php-fpm.socket). /etc/rc: /usr/local/sbin/-upgrade: not found (pfSense) 2.3.1-RELEASE  Tue May 17 18:46:53 CDT 2016 Bootup complete /etc/rc: cannot create /dev/null: Operation not supported rm: /tmp/config.cache: Read-only file system</synthetic></synthetic></synthetic></synthetic></msft></xsaveopt></erms></lahf></syscall,nx,lm></sse3,pclmulqdq,ssse3,cx16,sse4.1,sse4.2,popcnt,aesni,xsave,osxsave,avx,f16c,rdrand,hv></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,mmx,fxsr,sse,sse2,ss,htt> In this particular case, it seems it's trying to rm -rf itself, but it hasn't mounted the filesystem in r/w mode in order to do that. My next attempt (i.e. start again with a fresh install, then restore config.xml, then try upgrade) did this on boot (which looks similar to the OP's behavior where it's trying to parse an invalid file): start_init: trying /sbin/init May 29 19:07:12 init: login_getclass: unknown class 'daemon' May 29 19:07:12 init: login_getclass: no default/fallback class 'default' Configuring crash dumps... Using /dev/label/swap0 for dump device. Filesystems are clean, continuing... Mounting filesystems... [: -eq: unexpected operator Welcome to  (Patch ) on the '' platform... Dump device does not exist.  Savecore not run. Creating symlinks......done. /etc/rc: /usr/local/sbin/-upgrade: not found /etc/rc: cannot create /tmp/php_errors.txt: Read-only file system pid 89 (php-fpm), uid 0: exited on signal 11 Segmentation fault fcgicli: Could not connect to server(/var/run/php-fpm.socket). Launching the init system...pid 94 (php-cgi), uid 0: exited on signal 11 Segmentation fault Starting CRON... done. fcgicli: Could not connect to server(/var/run/php-fpm.socket). /etc/rc: /usr/local/sbin/-upgrade: not found ()  (Patch )  Bootup complete[/code] I did boot this machine back up off the installation disc and found that most of the files in /sbin and /bin were 0 bytes in length - even fsck and ls were not usable in this state. If I restored my config.xml file [i]after[/i] performing the upgrade (which I did try multiple times to see if it was definitely not a fluke), the upgrade itself would always work correctly (and it wasn't crashing at the "Configuring WAN interface..." step of the boot process either). Since this has worked, I haven't really worried about it and most of the testing I did was more from a curiosity point of view, since my main gateway was working again after I did it the aforementioned way. In my case, the disk isn't a suspect as this disk is used by both other VMs and the host for storing data; and the consistency at which I can replicate the issue by restoring my config.xml, [i]then[/i] upgrading. ![pfSenseBTXHalt.png](/public/_imported_attachments_/1/pfSenseBTXHalt.png) ![pfSenseBTXHalt.png_thumb](/public/_imported_attachments_/1/pfSenseBTXHalt.png_thumb)
  • 2.3.1_1 update?

    37
    0 Votes
    37 Posts
    12k Views
    K
    Updating repositories metadata… Updating pfSense-core repository catalogue... pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. Unlocking package pfSense-kernel-pfSense... done. The following 1 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense: 2.3.1 -> 2.3.1_1 [pfSense] 3 KiB to be downloaded. **** WARNING **** Reboot will be required!! Proceed with upgrade? (y/N) >>> Downloading upgrade packages… Updating pfSense-core repository catalogue... pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. Checking for upgrades (1 candidates): . done Processing candidates (1 candidates): . done The following 1 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense: 2.3.1 -> 2.3.1_1 [pfSense] 3 KiB to be downloaded. Fetching pfSense-2.3.1_1.txz: . done Checking integrity… done (0 conflicting) Upgrade is complete.  Rebooting in 10 seconds. Locking package pfSense-kernel-pfSense... done. Upgrading necessary packages... Checking for upgrades (1 candidates): . done Processing candidates (1 candidates): . done Checking integrity... done (0 conflicting) The following 1 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense: 2.3.1 -> 2.3.1_1 [pfSense] [1/1] Upgrading pfSense from 2.3.1 to 2.3.1_1… [1/1] Extracting pfSense-2.3.1_1: …. done Removing unnecessary packages... done. Cleanup pkg cache... done.
  • Which ports need to be open for Update detection ?

    4
    0 Votes
    4 Posts
    2k Views
    C
    For AWS, you need 80 and 443 to firmware.netgate.com only.
  • How to Upgrade safely & with minimal interruption ?

    2
    0 Votes
    2 Posts
    626 Views
    B
    Well one thing that comes to mind, is a failover setup (carp)? That would take away lots of your worries, and as it is already a vm the added cost is minimal. Maybe one caveat; Not sure though on the "MAC given by our provider" thing? I seem to remember there was some limitation of spoofing a MAC for a CARP IP… that would be worth a question or search in the CARP forum.
  • MiniPCI-Express-Wireless-Modul Compex WLE600VX

    6
    0 Votes
    6 Posts
    2k Views
    ?
    that my wlan card might be supported in the near future… Well known working wireless cards for pfSense If this card will be a someday supported or the plain WiFi ac support was added you might be trying out your card, but until this is not given you can only hope or change your card against another one that is working well.
  • Ghost Dansguardian

    4
    0 Votes
    4 Posts
    790 Views
    D
    Worked like a charm! Thank you!!!!!
  • Update from 2.3 to 2.3.1_1 freezing

    1
    0 Votes
    1 Posts
    584 Views
    No one has replied
  • No Internet to WAN from LAN

    4
    0 Votes
    4 Posts
    1k Views
    M
    @martylavender: The two default rules pfSense creates are the only rules under Firewall > Rules Out of interest, what rules are these exactly? In PFS version 2.3.x, the LAN side should have three default rules (One anti-lockout and two LAN-2-any rules for IPv4 and IPv6). The WAN side is what has two default rules. Could you have mistakenly set your WAN interface internally? That might account for the blocks you're seeing in the logs.
  • Cannot install from USB stick

    1
    0 Votes
    1 Posts
    559 Views
    No one has replied
  • 0 Votes
    31 Posts
    12k Views
    S
    This worked for me: http://blog.stefcho.eu/upgrade-from-pfsense-2-1-5-to-2-2-on-hyper-v/
  • Update to 2.3.1 unbound problem

    7
    0 Votes
    7 Posts
    2k Views
    M
    So your not understanding the difference between a host override and a register dhcp static it seems. I do but i wrote it in a bad way, my bad. Let me try to explain it better: DNS-Forwarder -> Enabled nothing more, no DHCP mapping, no host overrides nothing. Now -> DNS-Resolver -> Enabled + -> Static DHCP Register enabled All static mappings won't get resolved now because there is only this in the /var/unbound/host_entries.conf file local-zone: "localdomain" transparent local-data-ptr: "127.0.0.1 localhost" local-data: "localhost A 127.0.0.1" local-data: "localhost.localdomain A 127.0.0.1" local-data-ptr: "::1 localhost" local-data: "localhost AAAA ::1" local-data: "localhost.localdomain AAAA ::1" local-data-ptr: "... FW.localdomain" local-data: "FW.localdomain A ..." local-data: "FW A ..." Which reprents the settings in the DNS-Forwader. It does not matter if I enable the DHCP static mapping at unbound or not, because it won't put it in this file. But when I enable the DHCP static mapping at the !DNS-forwarder! every static mapping is showing in /var/unbound/host_entries.conf Hope I could explain it in a better way, maybe you can reproduce this issue with a testmachine.
  • 64bit version now seems to be 32bit and Monitoring Grphs cannot display

    5
    0 Votes
    5 Posts
    2k Views
    C
    Thanks JorgeOliveira for that link – I had seen it, after the fact of course! When I installed 2.2.6 AMD64 from iso I then brought in my full config backup file. I think it's unlikely I would have 'hard coded' any particular update path into my settings, I probably had it set to just install stable updates. I think that is a pretty odd situation to end up in ... running any auto-update on a 64 bit system and ending up with a 32 bit system and I think there should have been some means of preventing that or at least warning about it. In any case, I backed up my config file again, did a clean install of 2.3.1 from the amd64 full install iso, reloaded my config file, and my system is working again. Sadly, it seems my RRD data was lost. It is working again, creating new data, but I can't go back to see old data. Does anyone know how that works? I was looking in /var/db/rrd/ and my files are not too small, like: -rw-r--r--  1 nobody  wheel  144K May 30 18:19 WAN_DHCP-quality.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 ipsec-packets.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 ipsec-traffic.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 lan-packets.rrd -rw-r--r--  1 nobody  wheel  288K May 30 18:19 lan-queuedrops.rrd -rw-r--r--  1 nobody  wheel  288K May 30 18:19 lan-queues.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 lan-traffic.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 ovpns1-packets.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 ovpns1-traffic.rrd -rw-r--r--  1 nobody  wheel    49K May 30 18:19 ovpns1-vpnusers.rrd -rw-r--r--  1 nobody  wheel  575K May 30 18:19 system-mbuf.rrd -rw-r--r--  1 nobody  wheel  718K May 30 18:19 system-memory.rrd -rw-r--r--  1 nobody  wheel  240K May 30 18:19 system-processor.rrd -rw-r--r--  1 nobody  wheel  240K May 30 18:19 system-states.rrd -rw-r--r--  1 root    wheel  8.7K May 30 18:13 updaterrd.sh -rw-r--r--  1 nobody  wheel  384K May 30 18:19 wan-packets.rrd -rw-r--r--  1 nobody  wheel  240K May 30 18:19 wan-queuedrops.rrd -rw-r--r--  1 nobody  wheel  240K May 30 18:19 wan-queues.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 wan-traffic.rrd Is that the size of 'blank' rrd data? Was the data 'poisoned' by running the 32 bit OS briefly? I'm not sure I ever did a backup that contained the full RRD data, my XML backups are usually 150k or so. Thanks.
  • Scheduling pfSense Updates?

    11
    0 Votes
    11 Posts
    5k Views
    KOMK
    Perhaps one of you bright lads might like to start committing code instead of taking the piss. ::)
  • Newb here. Please help. [Answered]

    14
    0 Votes
    14 Posts
    3k Views
    T
    Turned out it was my Logitech M100 mouse. Unplugged it and the problem vanished. Now my only problem is connecting to any servers through the WAN network.
  • 0 Votes
    2 Posts
    1k Views
    M
    After many hours and a sleepless night, here the result! It works. After i flash the APU1D4 with the latest firmware, i was able to install and configure the pfSense in Version 2.3. Here my result after the upgreade to 2.3.1 Updating pfSense-core repository catalogue… pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. It works! You have to check the latest firmware and use the 2.3 IMG file for the initial installation. Howether why?! Dont know why the 2.3.1 installation file doesn´t work. Regards Markus
  • Pre-Installation queries

    12
    0 Votes
    12 Posts
    2k Views
    F
    Thanks to tree-cutting duties bestowed upon me, I literally have had no energy to tamper with the pfSense box or the clients using them for a bit. Found some time tonight/early morning to see if this has worked. It seems it has! Seems being the important word. I was meaning to set up Hyper-V on my Workstation with a fresh copy of Windows 10 running as a simple sandbox for things. I took this opportunity to set it up fresh and see if the network tampering had done it. The VM was allowed to obtain its IP and DNS server via DHCP - I didn't intervene to change settings at all. Implementing your (Phil's) suggestion with regard to sticking in a single static DHCP entry and then trying to access everything from the new VM showed me that everything was working. I could access \StorageS1 and \ExchangeServer as is (no need for the example.co.uk domain suffix to be appended) and using ipconfig was showing that a Connection-specific DNS suffix of example.co.uk was being sent out to machines. Changing the IP of the JetDirect print server from 192.168.1.202 to 192.168.1.217 and accessing it straight away from the new VM using its hostname (http://HP_JetDirect - creative hostname, I am aware(!)) allowed it to resolve correctly to 192.168.1.217 whilst the workstation (which is host to the VM) was unable to resolve it after a ipconfig /flushdns command. The reason I said 'seems' earlier? It's the pessimist in me - I thought that it may have been owing to the way Hyper-V dealt with name resolution and (possibly) pulling it from the host's built up DNS cache. Seems not, though. However, since on the workstation, I have the DNS suffix manually appended, it introduces another variable into the test. We shall see. To be absolutely sure, I may find a spare NIC, shove it in the machine and have the VM use its own dedicated network port rather than share with the host, or use a machine with a fresh install of Windows. Alas, not a job for 1:30am so thats pushed to tomorrows agenda.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.