@teamits said in SG-3100 - NAT rule for single Public IP: Are you having the NAT rule create a linked firewall rule that allows traffic to 192.168.2.10:22? That should be the default. confirmed, this was working automatically. Figured out it was the source port needing to be "any". Thanks!

@arf_668 said in Control SG-4860 status LED?: ubuntu 16.04 You should update! I've never tried in Linux. I would probably start looking at OpenWRT where they have a bunch of LED control code. Back when I first started looking at this I used lcdproc as a reference where it was bit banging on the parallel port. The actual code I previously used was very similar to this: https://github.com/stephenw10/WGXepc/blob/master/WGXepc.c#L559 Though I don't recommend anyone uses my terrible code! The gpiobase for C2K is 0x500. You can get those details from the Intel docs. Steve

Just as alternative dual booting a MBP with Mint works great for console access. Drivers for everything already in kernel etc. Also I'm pretty sure if you install UEFI to the m.2 drive it will then boot from that by default. The 2.5 installer gives you more options in that respect. Steve

You may have been locked out by sshguard in which case just wait until your IP is unblocked again. Otherwise try connecting to the serial console and restarting php and the webconfigurator, console menu options 16 then 11. https://docs.netgate.com/pfsense/en/latest/solutions/sg-1100/connect-to-console.html Steve

I mean protonmail unfortunately.

@stephenw10 thanks for that, I just didn't know if I'd missed something where repo's changed or whatnot.

@stephenw10 Thanks for the confirmation. Now I know what do if it happens again. Also 2.5 seems to be coming soon for the fix.

Hi ! I think it's okay now. Appreciate the response :)

@stephenw10 Thanks, I ran a few times for good luck. No issues. HappyHappyHappyJoyJoyJoy :) Thanks for help.

@stephenw10 said in SG-2100 Switch port question: Yes, to confirm, you can remove that. You don't even have tp have the uplink interface assigned if you have all 4 LAN ports as VLANs. Steve Thanks. I took that one last step and unassigned the interface. I love this gateway!

@kevinspooner said in SG-2100, do I understand this correctly?: Hi. Have you received the package yet? How satisfied are you with your purchase? I could not be more pleased. Beyond the quick delivery and the packaging, the gateway is amazing. I'm getting familiar with it before my Unifi switches and WAP arrive. The internal switch makes this gateway extremely flexible. I chose the SG-2100 for the 4G of ram. I didn't really need the 4 ports. One 24 port switch is all I really needed. However, I can't bring myself to connect a switch at 1Gbps to the internal SG-2100 switch that has a 2.5Gbps uplink. That makes no sense. So, to make the best use of the internal SG-2100 switch, I created 4 individual networks (I'll use 3). This will also keep internal VLAN traffic off of the SG-2100. That said, while the 4 ports look like they are discrete ports, they aren't. It's still a switch. I initially thought I'd address my Unifi switches (which aren't here yet) per the network they are on. This would mean the router would route the Unifi management traffic between networks. Then it hit me, try creating a VLAN and tagging it on all the ports. That works (I figured it would). [image: 1610973889298-switchvlans.png] Bottom line, I couldn't be happier.

Hmm, that's interesting. Not sure I've ever seen that. If you have any doubt I would backup the config and re-install 2.4.5p1 clean. Open a ticket with us to get the latest image: https://go.netgate.com/ Steve

@kiokoman thank you! Learned a few things through this process... 1. i have to enable logs to view allows on the firewall rule and 2. the new cloudkey controller update changed some of the ports used for remote gui access on the unifi platform. Thanks for the guidance!

@johnpoz Exactly what I'm thinking. :)

@jknott said in Do software updates require a support package: What would you recommend. Like Steve,....minimum 3100 because you love to experiment and this requires a flexible HW.

@brimansd44 said in usage with spectrum biz with both rfc1918 and public IP block: How far up the Netgate product line do I have to go to get a setup where I can use both networks on one device and not use their router? There is no difference in the available features here. If you can do this on an XG-1541 you will still be able to do it on an SG-1100. Though I would want to go to at least the SG-2100 for a 400Mbps connection. Steve

Thank you guys @gabacho4 and @Derelict for the quick support, when I started I had two problems: I couldn't open a Ticket because I couldn't login into the Support Desktop portal. My SG-1100 wasn't functional and all I saw in the console was "Marvel>>" At the end of the day both problems got solved: I had to use a different email account to register in the Support desktop portal, originally I was using my "@protonmail.com" account, I got the registration email but couldn't login. After registering using a "@gmail.com" account I was able to sign in, log in and create a ticket. To fix the SG-1100, once I created the ticket, the Netgate team was very quick to provide me with the SG-1100 image I needed to reinstall pfSense and the instructions to do so. I was successful and now I have a functional device. The question still remains on why I couldn't loggin using the protonmail account, I was able to place an order with it and register into this forum, but I couldn't sign in for the Support Desktop Portal, privacy was the price to pay this time LOL. Thanks again for your willingness to help.

@stephenw10 Thanks. I ended up just going with 192.X.X.2 - 192.X.X.199 addresses in the pool, using the RBR50 as an Access Point and assigning some static IPs above the range of the pool.

If you have a "1G" connection you are going to want to step-up to the SG-3100. With an SG-2100 configured for outbound NAT and firewall like that you will not see 800Mbps when testing to, for example, speedtest .net from a client behind it. Steve