Thanks!

Sorry guys , the problem is firefox . Now I'm using chrome and everything is fine . still sorry

@cmb:

There won't be an RC2. Continue upgrading in the GUI. Not much is changing at this stage.

It seems to reboot with every update I do. So that is than more than gui alone ? Or am I doing something wrong ?

Thanks so much
Perfect, now everything works perfectly  ;)

@cmb:

Your client's receiving a /30, so yeah .1 isn't going to be reachable. What's your server-side OpenVPN config look like, primarily for DHCP?

I will check to make sure when I reach back, but I think it is a mixture. Remote users log in and get assigned whatever IP address within subnet.

Other users, Remote Agents are assigned specific IP addresses within the same subnet. This because we build VM's for them to use billing software remotely, and print customer receipts locally. Within the VMs we use the NETUSE LPT1 to assign USB receipt printer back at their location.

This used to work before the upgrade to 2.3. Hope this help. Is there any further information I should provide?

Thanks…

@athurdent:

There is an option for the Primary Console at the bottom of the Advanced -> Admin Access page. Switch it to VGA and your input does get redirected to the Monitor instead of the Serial Console. Happens when you restore config from a Serial Installation.

Definitely not that…  but anyway, upgrade failed every time for me but backup config... create new VM, new install on new VM, then restore config worked for me.

Do you have pfBlocker installed? If yes, check the rules and see which ones are causing the issue.

RELEASE builds begin on - 25 March 2016. Today was the announcement. https://www.freebsd.org/releases/10.3R/schedule.html

Thanks.

The suggested fix has been applied.

@Ofloo:

simple packages like bwm-ng nano there availlable in the freebsd repository, .. not sure why you can't just pkg install them

Because the pfSense base and packages are all using pkg from our own custom repository, we can't easily accommodate having package from our repo and the FreeBSD repo concurrently without potential dependency issues. It may work, it may not. We have tossed around the idea of, post-release, letting our package server build a full set so they would all be available from our own package servers, but that will take quite a bit of time/cpu so it would have to wait until we have a stable release first and not using the servers for a steady stream of snapshot builds :-)

Confirmed, the field has the wrong type set, it should be 'text' but is currently 'number'. I opened https://redmine.pfsense.org/issues/6067 and pushed a fix.

Thanks!

Same here.
NUT has done an excellent job and has save my system from dirty shutdowns many times.
Another vote for a port :)

The posted pull request for Snort will fix this error once the request is approved and merged.

Bill

There's an option for nightly updates. ;)

System -> Advanced -> Notifications -> Disable the startup/shutdown beep

@jimp:

@whitexp:

community edition will have less features ?

Nothing changes there, you might be thinking of some other project "community edition" version that killed features, not happening here. It's no different than the differences that are there now on 2.2.x that we ship on our factory hardware vs what you can download. The only real difference is there is a visual indicator of which version is installed and the filenames more clearly reflect what you're getting.

The differences in the factory version have been discussed in detail elsewhere, it's tuned for our hardware, has a couple extra things like a VPC connection wizard, iOS IPsec profile export and such. Search around if you want a more complete list.

Considering this comes up so often it would be nice to be able to refer to a sticky thread that summarizes all of the differences. Heck, it might help you guys sell more factory/pfSense hardware. I think a lot of people believe they can just buy nearly identical hardware and don't realize there are software optimizations.

This is the code from /etc/inc/vpn.inc that runs 'ipsec start'.

        /* manage process */         if ($restart === true) {                 mwexec("/usr/local/sbin/ipsec restart", false);         } else {                 if (isvalidpid("{$g['varrun_path']}/starter.charon.pid")) {                         /* Update configuration changes */                         /* Read secrets */                         mwexec("/usr/local/sbin/ipsec rereadall", false);                         mwexec("/usr/local/sbin/ipsec reload", false);                 } else {                         mwexec("/usr/local/sbin/ipsec start", false);                 }         }

If you try to start it while it's already running, it sees the PID file and just exits.

# ipsec start Starting strongSwan 5.4.0 IPsec [starter]... charon is already running (/var/run/charon.pid exists) -- skipping daemon start

So I'm not sure how it could end up running twice. Maybe if you run 'ipsec start' twice really close to the same time, so both run before the first gets the PID in place.

I'd turn those lines above into something like this:

$ts = microtime(true); log_error("DEBUG: vpn_ipsec_configure manage process. $ts");         /* manage process */         if ($restart === true) {                 mwexec("/usr/local/sbin/ipsec restart", false); log_error("DEBUG: $ts - ipsec reload");         } else {                 if (isvalidpid("{$g['varrun_path']}/starter.charon.pid")) {                         /* Update configuration changes */                         /* Read secrets */ log_error("DEBUG: $ts - rereadall and reload");                         mwexec("/usr/local/sbin/ipsec rereadall", false);                         mwexec("/usr/local/sbin/ipsec reload", false);                 } else { log_error("DEBUG: $ts - ipsec start");                         mwexec("/usr/local/sbin/ipsec start", false);                 }         }

and replicate, then look at the log to see what's happening ("clog /var/log/system.log|grep DEBUG" in SSH).