@stephenw10 Thanks!

@rcoleman-netgate said in In the market for a Netgate appliance: Why: "but I will be upgrading to 1gig service soon" Good enough reason!!!

Thanks.

It's fine, we tested it extensively. I have several here running ZFS now. It does use more RAM so if you were previously right on the limit you might want to stay on UFS. Steve

Yeah, if you recorded the key from the 8860 somewhere you can just enter that and restore a config. Otherwise if you entered a Hint/Identifier we can try to find that for you or if you have the 8860 NDI we can search by that also. Open a ticket if so: https://www.netgate.com/tac-support-request Steve

@viktor_g Thanks. What's the ETA for this to be included in an updated Suricata package?

@r0bb10 Thank you very much for your guide. I'll see if I can locate a e3372h stick and give your procedure a spin :-)

@rlmajor2k9 said in Lost internet access after Xfinity Reboot...: can ping to 8.8.8.8. Specifically when sourced from the LAN? There are two reasons why you might not be able to connect out when pfSense itself can. Either there is a bad default route (or none) or no outbound NAT. Pinging from the LAN IP should test both those things. Check the routing table in Diag > Routes. Make sure a default route exists and is correct. Steve

NetGate would score a big win in my books if they make a product that's between the 5100 and 6100 with; A minimum of 4 regular RJ45 LAN ports (1/2.5GB) 2 LAN ports in 1/10GB SFP+ 2 WAN ports in both RJ45 (1/2.5/10GB) and SFP+ in 1/10GB Same Case or form factor as the 6100 or 5100 NetGate please make it happen....

With that many VLANs I would be editing the config manually as you did. What exactly did you do? The SG-4860 is all igb NICs and the 6100 has none so they would all need to be changed. If you want you can open a ticket with us and we can convert that config for you: https://www.netgate.com/tac-support-request Steve

I can live with that. Thank you.

Not on the built-in interfaces, no. They are 10G/1G only. Steve

Ok, well what do you see? Can you post the logs so we can review?

@stephenw10 thanks for the answer

Thank you for the clarification and technical insight. I will put this device in a different spot that does not rely on transmitted VLAN tags.

@gerald26500 said in Netgate 6100: @keyser Oh man , I feel so stupid. Il all FW rules I had IPV4 TCP ... instead of IPV4 * so all good now I really appreciate your help though ! Thanks! Those things happens to all of us. As Long as it works as intended all is good

It could. Potentially. But, as I said, it would very easy to end up with some asymmetry and the unexpected blocking that brings with it. Steve

Hi again,.. just reading through previous posts re: ADVA's and 1G sm connetivity.. As it happens I have had repeated success with with media convertors (as have many I'm sure) but thought I'd mention it here as a possible help to others.. With 6 ADVA's, all 1G SFP presented (and different providers) I have used these to succesfully connect: [image: 1643479770623-4b96af75-b8b8-433a-a4d2-e30ec2dc2450-image.png] I did try the Mikrotik SFP in the 7100 for a direct connection to ADVA.. but no joy... Pricing is good for the kit too... as I mentioned it has worked very well over past 3 years (when first went in) on 6 sites with 1G SFP ADVAs...