it looks like its pointing to the right place, so not sure why the range isnt being taken into account [image: Capture2.PNG_thumb] [image: Capture2.PNG] [image: Capture1.PNG_thumb] [image: Capture1.PNG]

Thank you :) If you look at my setup above, I want to supply two switches from two outputs on the fw (lets say opt1=sw1 and opt2=sw2). Would Interface-group be the fastest option or is there something that will give better speed or be more logical? On a FortiGate box I have today, this is called Zone and I assume this is similar. This lets me have only one fw-rule that is valid for letting the same traffic flow on both opt1 and opt2. From what I can understand when reading the docs: bridge may be more complex than I need for this and LAGG-interface is only when you have multiple links to same switch (not like here when I have two seperate switches). So Interface-group is the best/only option?

I can try that.  I already have SMP disabled on 2 of my other systems due to it causing networking to hang on them.  But they have igb NIC's.  I'll try it on this one as well.  What do I have to lose..

I would bet that all of your clients would have eventually lost their default gateway, depending on when ether DHCP leases expired… You are absolutely correct.  My DHCP leases are 48 hours so I probably had just not hit the renewal for the other clients :)  Thanks! Just to point people who read this to the sticky about Gateway monitoring https://forum.pfsense.org/index.php?topic=110043.0 Thanks for the info!

My guess if it definitely was logging before the upgrade is something about that setting wasn't immediately applied to the running system. So it would have stopped post-reboot if that's the case. I confirmed it does immediately disable on 2.3. Haven't double checked anything earlier, though I'm pretty sure that worked immediately in general. The config tag that enables that option is <disablelocallogging>inside <syslog>section.</syslog></disablelocallogging>

Looks like this is resolved in 2.3.1 as there was a bug preventing Advanced->Misc changes from being saved. Workaround in the bug comments also. https://redmine.pfsense.org/issues/6146

@mer: You're accessing the WebUI from WAN, HTTP, change it to HTTPS and get locked out, is that correct? Yes. That's correct. @mer: But if you do the same operation from LAN, it works as you expect? Yes.

This is solved.  This was my fault due to old wiring. Switch was plugged into the old router not the main switch.

Thanks! I will try this out during weekend  8)

Last time, I changed to another USB memory stick (larger one), flash the NanoBSD to the new stick, export config from old one, boot up with the new one, then in the new one I chose "import" and all good!

picture3  

https://doc.pfsense.org/index.php/Writing_Disk_Images

@adam65535: If you do decide to downgrade that member make sure you use a backup from the previous version and not 2.3.  I am pretty sure you can't use a 2.3 config on previous 2.2 and 2.1 versions. I have a full backup and an config backup from the previous version . I allways make backups before any update . The ideea behind 2.3 is ok but my opinion is that it was a to early relase and it's unstable and has a big lack of features and packages that existed before 2.3.

sforsythe: I replied back on your ticket but wanted to reply here as well to make sure you see it. adam65535's theory sounds plausible. The fact that turning off the secondary makes the problem stop indicates a problem along the lines of an IP conflict, which is what the scenario he describes ends up being. It's something similar along those lines.

check the sticky. https://forum.pfsense.org/index.php?topic=109690.0

Oh thanks for your help.  Thought that was the case but wasn't sure.  Looks like there were a few APUs we had out there that must have been running SSDs and some others that were running nano off an SD card like you said.  So that's where I got confused and because it's been so long since I worked on those I just lost track of it.  The perils of aging!! Thanks  ;)

I could have swore that in the past week, the download link (USB Memstick Installer Image) at https://portal.pfsense.org had a LOT of older versions, going way back. Maybe I'm remembering another link?

One of the reasons for the 2.3 upgrade was to simplify the package install and maintenance abilities. The flip side is that existing packages need to be updated to meet the new criteria and some of the original maintainers aren't around. If the package you're looking for hasn't been upgraded to 2.3, you'll have to reinstall it manually.

Yes searching is easy, just type some words like "haproxy 2.3 error" produces exactly 10 results for me, several having more or less the same information about removing old files. Or if you search for "haproxy 2.3" the very first result is a "Installation and Upgrades / HEADS UP on 2.3 upgrade if using haproxy". Anyway if your still having issues after trying the removal of old files, please do post the error messages you experience and maybe some advice specific to your installation can be provided. Regards, PiBa-NL