@bkseitz 2.5.2 is the numbering used for Community Edition (CE). Since you have a Netgate appliance, you are being migrated to pfSense Plus which is currently at 21.05. Plus is the same as CE with a few minor additions. Announcing pfSense Plus

I swapped cables, swapped the firewall for a white box pfSense, swapped the firewall with a UniFi USG, placed a switch in between the firewall and the ISP, and the interface was still flapping. The ISP is a WISP. They supposedly swapped out the radio on top of the roof, but it was still flapping. I wanted them to replace the cable and the PoE injector, but they didn't. We ended up hard setting the speed/duplex to 100 FDX and the connection is better, but still not perfect. The customer is going to be changing ISPs.

EDIT: Managed to solve this via Support. Needed to reinstall PFSense via the 'run recovery' command. Hit a snag with one of my USB drives, but the 'reset usb' command (x3) , as well as a different drive fixed the issue. Great, and super timely support from Netgate!

@truckin You can only assign interfaces to a LAGG that are not already assigned somewhere else. Add them to the LAGG and then assign the LAGG as an interface itself. In fact you should be able to assign the LAGG with only the one interface assigned to it to free up the other if needed.

Go here and create a ticket: https://go.netgate.com/. You can use the Sign-Up link under "Your Tickets" to create an account if you don't already have one. There is no charge for providing a Netgate appliance image. You will need to have, and provide, the Netgate ID and Serial Number of your appliance, though.

@jimp It's a netgate (Super Micro C2758), probably 4-5 years old? We are ordering a new (7100?) pair to replace these, but I was hoping to check which hardware fault it might be.

I can't reproduce any problem like that here, where I could easily reproduce the error before. If you haven't yet, after you have updated miniupnpd manually as described above, reboot the router to ensure the correct copy is the only one being used. It's also possible there is a lot of local traffic hitting UPnP/NAT-PMP and it's just busy at the time you noticed it.

Hmm, OK. Well glad you were able to connect. The putty interface can be confusing at times. It's all too easy to think you're opening a serial connection when in fact it's just showing you the serial settings and the session is still set as SSH. Steve

It probably is fixed by https://redmine.pfsense.org/issues/11748 which means it would be OK on the latest version of pfSense Plus on the 3100. Is it running 21.05 or something older?

@gertjan I have not tried this as the eMMC is not even supposed to be in-use. I'll have to schedule time for a reboot + check. Even though the log is being spammed with errors, the SG-5100 is working and many people need the VPN gateway to work remotely

Yes, I saw the miniupnpd errors in my logs... but every time I try to paste them into this ticket, it is refused claiming its spam. Hence my GRRR comment up the chain :) I've applied the fixed in the upnp-broken ticket and will see how it goes.

I did find an preorder ad since posting this that clarifies there are 8 independent and flexible WAN/LAN ports. Just my OCD goes crazy when I see it labeled all WAN LOL. Too bad not available until September because I may need to order another SG-5100 soon, since it is the same price seems like a much better device. Is SG-5100 still going to be around or is SG-6100 the replacement?

@stephenw10 Got it, didn't realize the other capacity was on-board. Thanks!

It's an m.2 SATA drive in the MBT not SD card default. The log shows a SATA device. That crash looks like more than just a filesystem error to me. There are also a whole bunch of Snort crashes shown. Memory exhaustion perhaps? You would expect to see issues other than just at upgrade though. Steve

I would not expect to see it there. If you had not power cycled the device since being on 2.4.5 it may still be possible to hit it though.

Yeah they could prob make registering a bit more obvious ;) But here is direct link https://go.netgate.com/support/signup

Oh, nice! Well, I suppose that means we could buy the rackmount kit from the OEM, but it also means that appropriate hardware mounting points are likely already on the body. I don't need wifi6 -- if it was 6E, that might have been interesting enough for a change in plans, but this is good to know (and not surprising). 5G as a connectivity backup plan would be .... interesting.

Not likely with those two temperature values shown. However that looks like an XG-2758 not an XG-7100 (which is not a Rangeley device). There are two virtual console ports on that hardware and the main console is on the other one: https://docs.netgate.com/pfsense/en/latest/solutions/xg-2758/connect-to-console.html#locate-the-console-port-device Steve