Last update to this — the vendor confirmed that USB is no longer working but was able to repair the appliance by installing a small SSD and put the recovery image on the eMMC just in case.

This turned out to be more cost effective than buying a new unit and should buy me some time until new hardware is released and the whole microchip/licensing future becomes clearer.

@derelict Thank you. That could be a candidate for the fastest response time in the year 2018.

To answer my own question: the reason is simple. MS120 series does not have SFP+ (10Gbe) but SFP (1Gbe) cages.

You would probably better off with 4 faster cores than 16 slower cores based on typical workloads.

This seems overly complicated. Let the Ubi switch do switching (vlans) and let the pfsense do routing. Can you hookup everything to the Ubi switch instead?

Then, you only need 1 cable on the sg3100 lan to the switch. Put all vlans in that (trunk) port. LAN configs between the sg3100 & switch should then match.

Just my $0.02.

@dgall said in How to add swap memory to Netgate SG-3100:

I was messing around with the pfblocker geoip and it keeps saying I do not have enough memory when I try to block countries.

You don't need more memory for GeoIP. Just increase the pfSense > System > Advanced > Firewall & NAT > Firewall Maximum Table Entries > 2000000

DNSBL on the other hand needs more memory depending on the number of domains added and if wildcard blocking is enabled (The TLD option).

@goodthings said in Upgrading SG-2220 from 2.3.x to 2.4.x:

115200

Yes, indeed after using 115200 as advised by the technical support I was able to get it to work. I just confused 115200 with 112500 in my attempts.

That sounds excellent. A pfsense firewall at that pricepoint is unbeatable.

Okay, thank you. That makes sense because doing what I outlined above didn't solve my problem.

I should mention this. The behavior of the SG-5100 is a bit different than the unit shown in this video, but that is not surprising. The bottom line is the it is a Reset button on the front of the 5100 for resetting to factory defaults.

Another quick update - the SG-2440 was removed from service about 6 months ago - office consolidation.

Pulled the box home - powered it up on late last week, and it worked thru the boot sequence and started up correctly.... did the pfSense upgrade to 2.4.4, and all seems to be good.

So that's a really cold boot so to speak...

Anyways - with coreboot ADI_RCCVE-01.00.00.17-nodebug and 2.4.4, seems to be working.

Still some concern about the C2000 series issue - the coreboot update should have fixed things, but still see a number of reports of no-boot issues on this board family here on the forums - not clear as all queries have been directed back to netgate customer support, and no further action on those posts...

Well right after Installation when you login into the WebGUI some wizard comes up and you will end up with a working and secure basic Setup. :-)

-Rico

Hello.
Please, create a ticket: go.netgate.com and put all this info into your ticket, also Serial number or order number

Azamat

For BIOS settings search for NCA-1510 User Manual
😉

FYI: https://redmine.pfsense.org/issues/8994

@derelict @azekiel
Well, finally returned to this subject after reading about the 'etherswitchcfg' command which let's you create another lagg on the switch. Here's how it looks in the UI after I've created lagg1 using the command 'etherswitchcfg laggroup1 members 7,8'.

0_1540864231042_Screen Shot 2018-10-29 at 6.49.02 PM.png

I notice that the UI in 2.4.4 lets you edit the laggs on the switch, but whenever you save it (or touch the switch configuration in anyway) they all just because lagg0 ... a bug?

Anyway, I have this manually lagged into my switch (no LACP I read somewhere) and it all seems to work.

Thanks for the follow up!

Steve

@wgstarks, they did not offer a method. For us it means hoping our backup was shutdown properly and not finding out if there is a problem until we go to deploy our backup box in an emergency. Looks like something pretty basic was overlooked in the development process.

I hope I didn't make a bad decision by switching to pfSense hardware. I won't know for sure until we get more time in production. We had over a year using pfSense in a virtualized environment and it worked great. The only big problem we had was any major changes or troubleshooting we needed to do on ESXi meant taking the whole network down instead of just the services on that server.

I updated the content in that post. Thanks for pointing it out!

Thanks. This resolves my issue.