This worked for me: http://blog.stefcho.eu/upgrade-from-pfsense-2-1-5-to-2-2-on-hyper-v/

So your not understanding the difference between a host override and a register dhcp static it seems. I do but i wrote it in a bad way, my bad. Let me try to explain it better: DNS-Forwarder -> Enabled nothing more, no DHCP mapping, no host overrides nothing. Now -> DNS-Resolver -> Enabled + -> Static DHCP Register enabled All static mappings won't get resolved now because there is only this in the /var/unbound/host_entries.conf file local-zone: "localdomain" transparent local-data-ptr: "127.0.0.1 localhost" local-data: "localhost A 127.0.0.1" local-data: "localhost.localdomain A 127.0.0.1" local-data-ptr: "::1 localhost" local-data: "localhost AAAA ::1" local-data: "localhost.localdomain AAAA ::1" local-data-ptr: "... FW.localdomain" local-data: "FW.localdomain A ..." local-data: "FW A ..." Which reprents the settings in the DNS-Forwader. It does not matter if I enable the DHCP static mapping at unbound or not, because it won't put it in this file. But when I enable the DHCP static mapping at the !DNS-forwarder! every static mapping is showing in /var/unbound/host_entries.conf Hope I could explain it in a better way, maybe you can reproduce this issue with a testmachine.

Thanks JorgeOliveira for that link – I had seen it, after the fact of course! When I installed 2.2.6 AMD64 from iso I then brought in my full config backup file. I think it's unlikely I would have 'hard coded' any particular update path into my settings, I probably had it set to just install stable updates. I think that is a pretty odd situation to end up in ... running any auto-update on a 64 bit system and ending up with a 32 bit system and I think there should have been some means of preventing that or at least warning about it. In any case, I backed up my config file again, did a clean install of 2.3.1 from the amd64 full install iso, reloaded my config file, and my system is working again. Sadly, it seems my RRD data was lost. It is working again, creating new data, but I can't go back to see old data. Does anyone know how that works? I was looking in /var/db/rrd/ and my files are not too small, like: -rw-r--r--  1 nobody  wheel  144K May 30 18:19 WAN_DHCP-quality.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 ipsec-packets.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 ipsec-traffic.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 lan-packets.rrd -rw-r--r--  1 nobody  wheel  288K May 30 18:19 lan-queuedrops.rrd -rw-r--r--  1 nobody  wheel  288K May 30 18:19 lan-queues.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 lan-traffic.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 ovpns1-packets.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 ovpns1-traffic.rrd -rw-r--r--  1 nobody  wheel    49K May 30 18:19 ovpns1-vpnusers.rrd -rw-r--r--  1 nobody  wheel  575K May 30 18:19 system-mbuf.rrd -rw-r--r--  1 nobody  wheel  718K May 30 18:19 system-memory.rrd -rw-r--r--  1 nobody  wheel  240K May 30 18:19 system-processor.rrd -rw-r--r--  1 nobody  wheel  240K May 30 18:19 system-states.rrd -rw-r--r--  1 root    wheel  8.7K May 30 18:13 updaterrd.sh -rw-r--r--  1 nobody  wheel  384K May 30 18:19 wan-packets.rrd -rw-r--r--  1 nobody  wheel  240K May 30 18:19 wan-queuedrops.rrd -rw-r--r--  1 nobody  wheel  240K May 30 18:19 wan-queues.rrd -rw-r--r--  1 nobody  wheel  384K May 30 18:19 wan-traffic.rrd Is that the size of 'blank' rrd data? Was the data 'poisoned' by running the 32 bit OS briefly? I'm not sure I ever did a backup that contained the full RRD data, my XML backups are usually 150k or so. Thanks.

Perhaps one of you bright lads might like to start committing code instead of taking the piss. ::)

Turned out it was my Logitech M100 mouse. Unplugged it and the problem vanished. Now my only problem is connecting to any servers through the WAN network.

After many hours and a sleepless night, here the result! It works. After i flash the APU1D4 with the latest firmware, i was able to install and configure the pfSense in Version 2.3. Here my result after the upgreade to 2.3.1 Updating pfSense-core repository catalogue… pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. It works! You have to check the latest firmware and use the 2.3 IMG file for the initial installation. Howether why?! Dont know why the 2.3.1 installation file doesn´t work. Regards Markus

Thanks to tree-cutting duties bestowed upon me, I literally have had no energy to tamper with the pfSense box or the clients using them for a bit. Found some time tonight/early morning to see if this has worked. It seems it has! Seems being the important word. I was meaning to set up Hyper-V on my Workstation with a fresh copy of Windows 10 running as a simple sandbox for things. I took this opportunity to set it up fresh and see if the network tampering had done it. The VM was allowed to obtain its IP and DNS server via DHCP - I didn't intervene to change settings at all. Implementing your (Phil's) suggestion with regard to sticking in a single static DHCP entry and then trying to access everything from the new VM showed me that everything was working. I could access \StorageS1 and \ExchangeServer as is (no need for the example.co.uk domain suffix to be appended) and using ipconfig was showing that a Connection-specific DNS suffix of example.co.uk was being sent out to machines. Changing the IP of the JetDirect print server from 192.168.1.202 to 192.168.1.217 and accessing it straight away from the new VM using its hostname (http://HP_JetDirect - creative hostname, I am aware(!)) allowed it to resolve correctly to 192.168.1.217 whilst the workstation (which is host to the VM) was unable to resolve it after a ipconfig /flushdns command. The reason I said 'seems' earlier? It's the pessimist in me - I thought that it may have been owing to the way Hyper-V dealt with name resolution and (possibly) pulling it from the host's built up DNS cache. Seems not, though. However, since on the workstation, I have the DNS suffix manually appended, it introduces another variable into the test. We shall see. To be absolutely sure, I may find a spare NIC, shove it in the machine and have the VM use its own dedicated network port rather than share with the host, or use a machine with a fresh install of Windows. Alas, not a job for 1:30am so thats pushed to tomorrows agenda.

Config should be in /cf/conf/config.xml afaik. In  /cf/conf/backup are all the old versions. Hope you can save some of it.

@Snailkhan: bump .. what about 2.3 and the little updates that always show up in update check ? can we just initate update and close browsers ? yes

Thanks, I'll give this a go.

Exactly, - Choice is a good thing tho - A fully authenticated session via the modem as on DOCSIS is useful - unpiug the router plug in something else - and if you've ever had problems with Comcast connections you'll appreciate this ability. I just find it very odd that for the UK and UK alone your product gets downgraded without your consent. And, on pf 2.3.1. there was no PPPoE/A working so if you have a UK V130 re-flash to earlier FW and it will connect. I bought what I believed was single port modem with built in authentication. It has many uses - router goes tits up an you've still got a connection - router goes tits up with dumb modem and your screwed till you fix or replace it Anyways, some my find the info useful

Now I suceed. After give it another try, I could update and my tunnels are still working. I had to edit and save them new to get them online.

still have the same Problem. Fresh Install on APU1D4 Board

I would: a) Save the config b) Set to factory defaults (so you get DHCP on WAN) c) Plug the WAN into an ordinary LAN (e.g. plain old office LAN at work) that gives out DHCP Now the unit has internet. d) Do the online upgrade e) Restore the config

Update: We've been good all day today.  So for me, deleting squid, reinstalling, chown worked.

@Derelict: Try 192.168.0.0 with a /16 netmask not 192.168 Thanks, working now.

@ThePooperScooper: Whats a normal amount of processes to have requesting it? Right know, Mine reads "Read/Write (reference count 6)". I've been having problems with write speeds to the CF card I have and have been trying to figure out whats causing this. I have it in forced Read/Write mode. Would having 6 processes requesting privileges be something to be concerned about and mite be causing the slow write times? That would be odd to have 6 things that are currently needing RW and are doing their thing (updating the config, writing conf files, whatever). Most likely some processes have done the mount RW and somehow failed to a matching mount RO call on their way out. As cmb says, go to 2.3.1 and RO is no more.

@JorgeOliveira: Now try booting the system with the following commands: set hint.ata.0.disabled=1 set hint.ata.1.disabled=1 boot -v Then add to /boot/device.hints: hint.ata.0.disabled="1" hint.ata.1.disabled="1" Hopefully, it does work now. (In addition to the link on my previous post, also found that at: https://superuser.com/questions/1055316/why-does-disabling-ata-fixes-run-interrupt-driven-hooks-still-waiting-after-60) didn't work for me… but thanks anyway. confirmed with my datacenter support, they are running QEMU with IP KVM for managing console through user portal

That's exactly what I did. I noticed it installing all of the non-kernel/non-OS packages at that point. Back in the <= 2.2 days, it seemed to do all that in the background with that animated hard drive image. At least then, the router was up and routing packets while doing so.

I could not find the right image. Contacted support and they gave me the right image. Made an usb and re-installed the unit. Load backup config. Done =) Thanks for great support =)