Did you have a specific question?

If you're unsure I would first try installing CE on whatever hardware you have to test it.

Steve

@stephenw10 , many thanks Stephen.
Best regards.

@stephenw10
Found the problem with OpenVPN after a lot of digging. Looks like dyndns wasn’t updating cloudflare even though the dyndns client tab showed that cloudflare was up to date. I could see from the dns records on the cloudflare site that they were out of date. Forced an update and now OpenVPN is reachable.

The dyndns package had the proper IP and the update script is working so perhaps this was just a temporary issue with cloudflare and only a coincidence with the timing. Not really sure. 🥺

@claferriere Concur with @stephenw10 - don’t go there unless you really know what you are doing.

However - I do exactly what you are asking about with a GPON Bridge SFP in my SG-2100 in France. I have tried the very same SFP in my SG-6100 and it works there as well. So module compatibility is there - but that is the least of the problems in getting GPON termination directly in pfSense :-)

You are not the first asking about this: Read this thread: https://forum.netgate.com/topic/189708/fiber-optic-to-pfsense-box?page=2

That's when it stopped responding?

Check the Status > Monitoring graphs at the point it appears to hang. Do you see the CPU spiking or traffic or memory use?

Is there any reason you're still running 23.09?

Since I'm here I'm happy to report that the following modules are compatible with the netgate 6100 :

Mikrotik S+RJ10

FS SFP-10G-T100

@Gertjan I agree with you here completely.
Although I would just add….Can pfsense do any of the things outlined? Yes. Can it do it well(compared to other security appliances)? No. Pfsense isn’t a UTM device.

So that said, being ISO compliant is one thing but the other part of the assessment should be “do I want a security appliance that has a laser focus on cyber security)?

@mikek
complete rebuild did not lead to a better result. have a support case with my provider that is not really progressing either. looks like for the immediate future DCO is not available.

You can run the SG-1000 from a uSD card directly. If you ask the TAC guys they can get you a specific image that runs directly without requiring the installer. However it cannot run any pfSense version after 22.05 so coming up to 2 years without updates.

Thank you.

For the record, I set speed shift back to 80 last week, and this week has been fine. I think the issue was just a coincidence of my timing with regards to upgrading to the 4200 and the croudstrike issues.

Hmm, there isn't a user interface to the serial number / date cut-off. Feel free to ping me though, there won't be that many requests.

@stephenw10 You got it! The command you sent me only resulted in errors:

[23.05.1-RELEASE][root@FW-A.local]/root: pkg-static search flashrom
pkg-static: Repository pfSense-core missing. 'pkg update' required
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package
pkg-static: An error occured while fetching package

However, I went to the update settings in the web UI and the branch was set to 23.09.1. I uninstalled the package "Netgate_Firmware_Update", changed the branch to 23.05.1, reinstalled "Netgate_Firmware_Package", and it worked!

Thank you so much!

I will do. Thanks for checking that.

Hmm, there was a bunch of work around gateways and I recall testing this at the time but it appears to be a regression: https://redmine.pfsense.org/issues/15669

I found solution for the m.2

setenv m2boot 'scsi reset; fatload scsi 0:1 200000 ubldr.bin; go 200000;' saveenv reset

Then it should boot correctly from the m.2

It looked like this for me as default.

setenv m2boot 'scsi reset; fatload scsi 0:0 200000 ubldr.bin; go 200000;'

Hmm, that must have been a while ago, we no longer use that ticket system. Do you have the serial number or NDI from it? You can send it to me in chat.

Was that 2100 installed in the same location? Same network?

Yes, if the console is completely unresponsive then it won't help but the console is often the last thing to still function.