Did that. Thank you.

Mmm, interesting point. I've not seen any issues with the velcro fastenings I've used but whilst they are in rack-mount boxes they are not actually rack mounted, they do not run hot. Steve

@ltl_off Can you open a ticket at https://go.netgate.com Thanks!

Can you open a ticket at https://go.netgate.com? Thanks!

Thanks, after some playing around, that setting actually fixed things for us. Thanks for the reply!

I have resolved the issues by rebooting the SG1000. I can now ping and connect to devices in the Untagged VLAN. PING 10.1.50.2 (10.1.50.2): 56 data bytes 64 bytes from 10.1.50.2: icmp_seq=0 ttl=64 time=0.801 ms 64 bytes from 10.1.50.2: icmp_seq=1 ttl=64 time=0.457 ms 64 bytes from 10.1.50.2: icmp_seq=2 ttl=64 time=0.401 ms --- 10.1.50.2 ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 0.401/0.553/0.801/0.177 ms

It's better to create a ticket on go.netgate.com and describe your problem

Peter, I'm glad you are all set. Enjoy your firewall!

Cool. Thanks again for the help guys. Merry Christmas!!

I've recently purchased and configured from scratch my first pfSense box using the MBT-4220. It's been running well for about a week now and I'll have a few weeks further to evaluate it and tweak it. This MBT-4220 is a great replacement for a quite old FreeBSD system I've not upgraded in years. For home use this is more than adequate and meets my needs: DHCP pools and static mapping OpenSSH user shell OpenVPN connection for family mobile devices traffic mapping using ntopng *Queing *Squid/squidguard Many of these things I configured by hand in the past but now have everything in a nice little box. Wifi access is provided by a separate wifi router. I've read about replacing the fan with a heat sink so I'm investigating that as a possible upgrade. For home the cpu runs 4-10% depending on activity and ntopng. Load averages are about 0.24 with a video stream running. Temperature with the fan is about 38-40°C. Configuring OpenVPN for my family's phones and PCs is pretty simple. It's been good to add squidguard on the OpenVPN interfaces so I can filter out the trackers and ads (and other unwanted content).

Thank you, Derelict, for your suggestion. Support was able to help me. -Fred

@mhab12 I think this might be it (can't reach the DNS servers). I swapped the 3.1 modem for a 3.0 modem I had used for a long time with no problems. So far the problem has ceased. I was actually hoping it would be the modem, but the behavior from pfSense is well uhm, a bug if you ask me. You're trying to work out a problem and pfSense just contributes to the problem. Well thanks all for replies. Yes, I could ping. Yes it was a rapid reply. I did not ssh into the box. Once the above appeared to solve the problem I did not want to go back to the old modem since it seems clear (for now) the problem is not with pf Sense. Regards, Barry

Thanks Stephen. SUCCESS! Here is a synopsis of what I did in case someone else encounters this problem: Marvell>>boot ... loader>boot -s ... Trying to mount root from ufs:/dev/diskid/DISK-CEF032182700058s2a [rw,noatime]... WARNING: / was not properly dismounted Enter full pathname of shell or RETURN for /bin/sh: fsck -y ... fsck -y ... fsck -y ... ***** FILE SYSTEM MARKED CLEAN ***** #reboot ... Netgate SG-3100 - Serial: 1130180696 - Netgate Device ID: bdfbc7c1c133fb11d042 *** Welcome to pfSense 2.4.4-RELEASE (arm) on pfSense *** WAN (wan) -> mvneta2 -> v4/DHCP4: 192.168.1.9/24 LAN (lan) -> mvneta1 -> v4: 192.168.3.1/31 OPT1 (opt1) -> mvneta0 -> v4: 192.168.100.1/32 Logout (SSH only) 9) pfTop Assign Interfaces 10) Filter Logs Set interface(s) IP address 11) Restart webConfigurator Reset webConfigurator password 12) PHP shell + pfSense tools Reset to factory defaults 13) Update from console Reboot system 14) Enable Secure Shell (sshd) Halt system 15) Restore recent configuration Ping host 16) Restart PHP-FPM Shell Enter an option:

@chrismacmahon : Thanks, I appreciate any help/info provided. I'm aware we are not currently on paid support so no expectations.

I would look into using IPSEC instead of the OpenVPN client connection you are using, you will see a speed improvement. My unit's getting around 100Mbps when on AES-128-CBC (UDP), adding SHA1 auth drops me to ~80Mbps. Same link using IPSec (IKEv2, AES-128-GCM), I get around 150Mbps

Aside from an older bug https://forum.netgate.com/topic/130980/suricata-not-limiting-log-sizes-by-default Suricata shouldn't use much disk space. I checked a client's SG-3100 and Disk Usage on the pfSense home page shows "24% of 7.0GiB."

Ok, I'll try a fresh install of 2.4.4-p1 today and report back. Much appreciated

Yes, thanks. I went back to my backup before the changes, redid it from the start again and this time it worked.

In your place I'd drop some Ticket to the support guys: https://go.netgate.com -Rico

Yes I know, AES-128-CBC was the maximum Speed for my SG-3100. -Rico