All of those CARP IPs are on LAN directly. They should be on their own interfaces. Steve

They may be sending a prefix only in which case the WAN would not get an IPv6 address directly and would using link-local for routing the prefix. My ISP does that. If you have LAN or OPT set to track WAN with prefix ID set they should get a v6 IP. Enable Debug in the dhcpv6 settings on WAN and you will get a lot more logged info when it connects. Steve

@gertjan Thank you! just upgraded it with no issue :)

Yes, you can't change the power state on ARM like you can on x86 so there is no real shutdown, just CPU halt. The 2100 and 3100 have a separate LED controller that will continue to pulse the black diamond LED. Steve

I did quite a lot of testing on this recently and there is no significant difference between LAN and OPT for throughput to/from WAN. However I use OPT as my main connection here just because I also have it connected to an external switch and it makes changing VLANs on that link a lot easier. You may have no VLANs now but if you have a 1G connection and a number of devices using it you'll probably want to start segregating them at some point. Steve

It probably would work with a 1G NIC in the 7100 but that's not something I've ever tried and I can't test it. 1G NICs are not expensive though it you have the expansion card fitting kit. But more expensive that just using the media converter you have and know works. Steve

Thanks. I figured it out. I wasn't expecting the discrete NIC's. I am all set now.

Oh, they have one for the 5100 as well. It's 1.37U tall which is just a little odd, but otherwise seems slick.

Netgate responded super fast. Provided ver.21.05.1 firmware and clean instructions to reinstall it on the 3100. Whole process was took 15min. I'm back in business

If you are using ix0/ix1 the VLANs work exactly like any other pfSense install. Can you show us how you have them configured? Steve

Yup, I would say the same. Any firewall will handle it, even the 1100, but if you want to use VPNs, filtering, traffic shaping etc and have that many clients I'd go for the 5100. Or the 6100 now. Steve

@andyrh said in New 7100 setup: I moved the WAN by changing the parent interface for the default WAN VLAN. The VLAN on WAN, 4090 by default, only applies to the internal switch. So simply moving the VLAN parent to ix0 or igb3 would only work if VLAN 4090 is defined correctly on the external switch they are connected to. If that's not the case the new WAN interface would be directly ix0 or igb3 without a VLAN. Steve

Yes, it's because you are running the Factory Edition. On that particular hardware you can re-install as CE if you really wanted to but I would not recommend it: https://nyifiles.netgate.com/mirror/downloads/pfSense-CE-memstick-ADI-2.5.2-RELEASE-amd64.img.gz Steve

If it's still flashing all three blue LEDs then it has not booted completely. If it's still flashing orange then it's still seeing an available update so I'd say it didn't complete the upgrade for some reason. I would re-install 21.05.1 clean from there and restore the config. If it didn't complete the upgrade you can never be sure what state it's in otherwise. Check the routing tables: netstat -rn Make sure you have a default route and it's the right one. Steve

@trevorftard Look at Interfaces > Switches > Ports [image: 1629867187056-screenshot-2021-08-25-at-05.51.11-resized.png]

Hello, looks like I had to reinstall the OS. Opened a ticket with negate support and they were able to guide me through the procedure. Thank you