@rayyanthameem No, the One you linked to has a LC connector in the end. Mine has a SC connector

Edit: just Saw the typo in My original post😊

Ah, good result! 👍

@loges-candies-0l I merged your tickets together -- there is no download option for pfSense Plus for Netgate-branded devices other than opening a ticket -- documented here: https://docs.netgate.com/pfsense/en/latest/solutions/sg-1100/reinstall-pfsense.html

@stephenw10
Yes, go ahead please and add a - solved at the end (or at the beginning). 😊

Regards

Mmm, that is disappointing. Probably nothing we can do though. 😞

@stephenw10 Issue is solved now, ISP tech support came to change modem and that seem to fix my problem but still something does not feel right but at this point I have connectivity through the igc0 port so I am happy.

Thank you so much for your responses @stephenw10 and @dennypage.

The 2100 is no different to any other device when setting up Squid/Squidguard. Our own walk-through here would be fine.

Steve

@rcoleman-netgate said in Disk space?:

@creationguy eMMC storage vs NVMe. Lifespans of eMMC is greatly reduced with heavy log writing from some packages, notably caching and IDS/IPS packages.

Agree, mainly lifespan. Equally punishing packages are pfBlockerNG and NtopNG. They can kill the eMMC in less than a year on a internet native family usage level (if not dialed down on logging/datacollecting activity).

Thank you for the help, I have submitted the ticket for support.

@stephenw10 Okay, I will monitor this again when we have higher loads in order to ensure that this is not causing issues. If not, I probably just have to ignore it. 🙈

Thank you for your support!

@michael-christensen Yes, the SFP interfaces on the 6100 support VLANS. I have one 10Gb interface that runs as VLAN only (no untagged traffic).

@alcroth - just thinking you may want to check back on this post here

There are some developments with that link state of "none" you were seeing.

@cloew You're welcome!

You should see the black diamond LED light as well as the green circle:
https://docs.netgate.com/pfsense/en/latest/solutions/sg-1100/io-ports.html#led-patterns

Is it actually passing any traffic?

Try connecting to the serial console to see if it's booting completely:
https://docs.netgate.com/pfsense/en/latest/solutions/sg-1100/connect-to-console.html

Open a ticket with us if you have not already:
https://www.netgate.com/tac-support-request

Steve

It's very unlikely. There was a much older bug that presented like that: https://redmine.pfsense.org/issues/8047
It was fixed long ago though and showed a different error:

Incorrect flash image file size. Failed to update OEM section, exiting ...

Steve

Yes, you should upgrade. There's every chance the bug that allowed that invalid ruleset to be created has been fixed in the 4 years since 2.4.4. Along with numerous security fixes!

Steve

Yes, it certainly looks like that but those ports don't necessarily indicate it's actually NATing. Having tested it myself numerous times I would be very surprised to see 800Mbps with NAT and filtering enabled. There are a lot of variables but 500Mbps is around what I expect to see in a local iperf3 test between WAN and LAN.

Steve

When you use a 10/1G SFP+ module you will see 1G is an available setting:

[22.09-DEVELOPMENT][admin@6100.stevew.lan]/root: ifconfig -vm ix1 ix1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: IX1 options=8138b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER> capabilities=f53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,NETMAP,RXCSUM_IPV6,TXCSUM_IPV6> ether 00:08:a2:12:17:7f inet6 fe80::208:a2ff:fe12:177f%ix1 prefixlen 64 scopeid 0x6 inet 192.168.79.2 netmask 0xffffff00 broadcast 192.168.79.255 media: Ethernet autoselect status: no carrier supported media: media autoselect media 1000baseSX media 10Gbase-SR nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> plugged: SFP/SFP+/SFP28 10G Base-SR (LC) vendor: FINISAR CORP. PN: FTLX8571D3BCV-CK SN: ANL1C1V DATE: 2012-11-21 module temperature: 40.65 C Voltage: 3.33 Volts RX: 0.01 mW (-17.28 dBm) TX: 0.63 mW (-1.99 dBm)

And the speed/duplex field in the gui will reflect that.

Steve

@stephenw10
I think you're right.
I've set the Firewalll Optimization to normal, which should've set the time out for "FIN WAIT" to 900 seconds, but it still doesn't kill the state.
So I guess back to the roots to find out what the problem is.

EDIT
Well uhm, somehow it solved my problem automatically without restarting the VPN tunnel. I think the Firewall Optimization worked, need to do more testing though.