You can get OEM branded Intel cards quite cheap 2nd hand if you need to. There's a handy list here: https://forums.servethehome.com/index.php?threads/list-of-nics-and-their-equivalent-oem-parts.20974/ Not all cards may work though. I have personally used an HP 560SFP+ in a XG-7100 and whilst the card is detected and is usable it has the odd quirk of preventing the XG-7100 reboot. Only really an annoyance for me but obviously a huge issue if you were to reboot it remotely. The other thing is that the expansion card is parsed before the on-board NICs so if you use an ix based card like that expect to have to re-assign your interfaces. Crucially including the internal LAGG. The NIC we sell uses the ixl(4) driver so does not have that issue. Steve

I will leave here all I have done along with Netgate support. First of all, I tried to read through console port if there was any data being retrieved by the firewall (https://docs.netgate.com/pfsense/en/latest/solutions/sg-1000/connect-to-console.html), but nothing was received. I have connected that console port, and then turn it on till it shutdown, but no outcome. After this , I made a NVRAM reset used for SG-series units: • Remove power from the system. • Remove the case and orient the system with the Ethernet ports facing you. • Locate the NVRAM reset jumper located just the left of the CPU heatsink. • On early models it is labelled J8, on later models it is labelled J10. Only one of the two will have pins and the jumper present. • Move the jumper from pins 1 & 2 to pins 2 & 3. • Power the system on. The STATUS and SATA LEDs will light briefly then go out. • Remove power, move the jumper back to it's original position and reattach the case. But also no luck. I really hope this info could help others, but one thing is for sure, I have received support from Netgate when there was 5 AM at their timezone, and we start talking through ticket support with gaps between 5 and 10 minutes. This is something I really appreciate, not leaving consumers to their luck, in very hard situations. Note that I didnt had a support contract, and start that ticket as a pfsense user with acommunity edition! And thats why I will buy again Netgate, in this case two XG-7100 units for high availability even being difficult to buy such devices here in Portugal. Netgate

It's a very common power supply - 12V 2A DC 5.5mm x 2.1mm jack, centre pin positive. You should be able to easily source one from Amazon etc.

@stephenw10 Thank you Steve. I contacted the seller, but I was too late, the unit has been sold to another buyer. I appreciate the offer to help though!

Ah, nice result.

You should open a ticket with us about that: https://go.netgate.com/ There may be other envs missing or changed if that one was. Steve

Thanks, it's works now. I have made an File system check. Marc

Without testing that ourselves it's impossible to say for sure. But... I would expect that to work fine with the SG-1100. It would certainly have no problems running it. The PSU has to be capable of suppying the maximum current draw, that's with an mPCIe card and USB devices in both ports. the Normal running current is far less. As a very rough comparison I have tested a similar device that runs on 4AA NiMH cells and saw ~1hr runtime from (4.8Vx2000mAh) 9.6Wh. I don't see any values for the charging current given on their spec sheet so, yes, the SG-1100 may not be sufficient in which case it might be damaged. However it probably won't work anyway because the barrel connector on the SG-1100 is 5.5x2.1 so the PSU will likely not fit into the UPS device. You would have to use an alternative PSU if fit-pc have used a 2.5mm pin in their socket (also not specified). You could probably ask them about both those things though. And, just to be clear, using anything but the supplied PSU is not something we can warranty. Steve

OK, now it's better. With AES128-GCM I can hit the speed of 85MB/s and the processor is around 80%. [image: 1606304111127-c8441de3-b38e-41a8-8e0f-348348e7ce9c-image.png] We can imagine firewall will never hit 160MB/s but, it is closer to the performances announced by Netgate. And my internet bandwith is 1Gb/s, so it's really close to the maximum. Thank you for your help. Anthony

That is correct, LAN will be able to ping IOT. IOT will not be able to create connection to ping LAN though which is what you asked about. Steve

It does, and you can use them with a modified config, it requires additional switch config. The expansion card provides separate igb interfaces so if, for example, your existing config only had 4 interfaces from the 8860 assigned you would not require any config changes. To be clear you do not need the expansion card. Steve

Hmm, I would not expect to ever require a power cycle for the switched ports. The only time I have ever seen that is if a bad SFP module is used. It's possible the ix0/1 ports can require a power cycle to clear their state. Anyway glad you found it. Steve

@stephenw10 Sounds great to me, even more so hearing it from an administrator after 4 hours :D

@stephenw10 Of course, that's it. I totally forgot that was the case. I guess it's been too long since I've setup a VLAN. Thank you for the help and have a nice weekend.

JimP /Netgate did a great High Availability Hangout Video: https://www.youtube.com/watch?v=VnBnnh81G7w -Rico

I suspect the OP is using SFP to indicate either SFP or SFP+ here. I would certainly check the link speed though, 900Mbps seems suspiciously like 1G. Also check the flow control settings, they are likely enabled by default and can be a problem in some setups. https://docs.netgate.com/pfsense/en/latest/hardware/tune.html#flow-control Steve

You can't import it directly because of the internal switch differences. If you can send it to us we can convert it for you so you can just import it. https://go.netgate.com/ Otherwise you would need to move the VLAN/LAGG/SWITch config across. Steve

Yup, if you're able to send is your old config just open a ticket with us and let us know which ports on the XG-7100 you would like to use for each defined interface. We can convert it so you can just import it directly. You don't need a support subscription for that. https://go.netgate.com/ Steve

Good day, I think it is necessary to solve it on the switch via ACL ... I don't have a UniFi switch, so I can't advise it much. I only have UniFi AP AC RL. I don't have any NETGATE devices yet, I'm just getting ...

1: You do not need to contact support to update the firmware. That process is only needed if you need to reflash it from scratch (cleaning the built in flash). It comes with a firmware build onboard, and that will update itself just like you are use to on your server. 2: It does not need internet to be setup. BUT: The GUI is very very slow when no Internet/DNS is available, and if you restore a config to it, no packages are installed automatically from the config. So it’s a tradeoff: You can restore your config “offline” on a very slow GUI, and you’ll have to reinstall any packages (all settings are preserved) once it gets online and have internet access. OR: You can shut down your server, insert the SG-3100 and restore your config.