It should appear imediately below the client config section when you enable advanced config:
Selection_880.png

It's normally hidden by client side script. Try a different browser if you don't see it or check your browser plugins, something may be blocking it.

Steve

It depends what you're forwarding of course. It's not something I have tested myself (or is often used) but there are some numbers for forwarding only on the product page:
https://store.netgate.com/XG-7100.aspx

Steve

@stephenw10 sure, will give 400K a try and see. Thanks

I have unblocked that. Please try to open a ticket again if you still need the firmware.

Steve

@pi said in SG-1100 always that flaky or I got a dud?:

That’s funny. I’m a couple of months into pfSense and I’m still breaking it, probably weekly.

Unfortunately, I can't do that anymore because there are a lot of production environments in which we use pfSense.

All success can be gained through a lot of experience 😉

Go for it...

@dotdash sorry for the late response, and thanks for your reply!
I ended up going with an SG-1100, and it seems to be holding up pretty well. I have yet to install pfBlockerNG on it though, so not sure if it will be enough for that. If anyone else is looking at doing this, it was a little tricky getting familiar with the fact that all of the ports belong to an internal switch, but I was able to work through it with a little help from the internet :)
Bill

Thank you @stephenw10 and @keyser.

@keyser, based on your comment I looked up my Netgear (R7000, I am using the router as a wifi AP). It seems like many people online complain about dropped connections. Based on online advice, I reverted it back to a previous firmware version.

If that works, I'll come back and post details so future readers in a similar situation can benefit. For now, fingers crossed.

@digitalvt said in SG-3100 Hangs after internet outage:

I couldn't even connect via browser to the pfSense?!

When you visit the GUI dashboard, the information isn't all static. Most of it is collected "at the source' and some of that isn't available "on site".
Example, package version info is compared with available versions on the 'Netgate' package server. A working connection is needed (read = DNS, amongst other, should work). If the connection is lost, the GUI behaves somewhat like any other web site that is off line. The GUI dashboard will show up, after some (DNS) time outs.

Start finding the answer to this question :

cc44ab7e-0d97-4f33-8d28-9734d86217ce-image.png 0612055684

Why is the Resolver restarting so often ?
When it restarts, DNS will be off line for several moments.
A reason might be, as you showed : if dpinger 'thinks' restarts the Internet connection is bad (very high latency, or even pings lost) then it restarts the WAN interface - and packages / processes like unbound.
Discover why your uplink (ISP) is bad, and you should be close to a solution.

I use a lot of PC Engines APU2D4 which has an AMD GX-412TC 1Ghz CPU, 4GB DDR3-1333 soldered memory, supports AES-NI, (3) I210 ethernet ports. These boxes run notoriously hot. The worst I've seen (hot environment) is it chugging along at 71C (159F?) with no problem. In a cool environment the box still runs at 50C.

@Derelict Now there's wisdom -- would have saved me a lot of time even if the ISP support queues are long, etc.

The DHCP lease list will not show them if they are statically assigned and do not request a lease.

The correct way to do this is set the DHCP range on OPT so it does not include any of the fixed IP devices. Then as a static dhcp lease for each of them manually in pfSense. They should never ask for that lease but if one of them default's to dhcp pfSense will then give it to them. The static leases are listed on the DHCP status page and they will show on-line if they have current ARP table entries.

Steve

Thank you, opened ticket.

The XG-7100 will route traffic at >10Gbps (depending on packet sizes etc) but that's probably not what you mean. If you are using it as a firewall and include NAT it's closer to 6Gbps, again depending on the traffic.
See: https://www.netgate.com/products/appliances/

You can add the expansion card yourself but you would need to order the fitting kit (contact sales):
https://docs.netgate.com/pfsense/en/latest/solutions/xg-7100-1u/optional-expansion-card-installation.html

Indeed, the eMMC is slower but that really only significantly affects boot time. You would want to use an SSD if you plan to run any packages that need to write to the drive such as Squid or something that logs a lot like Snort.

8GB is sufficient for almost everything. It's possible to upgrade that too, the SODIMM slot is on the top of the board.

The Intel NICs in it will work with a wide variety of SFP+ modules but those we sell in the store are tested to work.

Steve

The SG-1100 can usually pass 450-500Mbps so there may be some optimising to do there. It won't pass 716Mbps though.
The SG-3100 can pass traffic at or very close to Gigabit line rate (941Mbps) so should be fine there.

There are always variables here, precise numbers are hard to give.

Steve

Thank you @Rico.

To your point, I think having WAN plugged in certainly helps the WebGUI. I tried Chromebook, and the WebGUI does load fine. On my windows 10 devices with Chrome browser (Version 84.0.4147.105 (Official Build) (64-bit)) , it still just shows me "processing request..." forever. I have to reload the page for the dashboard to show up.

Since my LAN is working , I am not too keen to experiment with it too much. Yesterday when I was trying to setup, I got yelled at by my wife and kids for an hour while there was no network inside the house.

Now I am focused on making the OPT interface work. The primary reason why I got a Netgate device was to be able to isolate my security camera system on a separate network than my home network. I'll start a separate thread for that.

@pulsartiger said in SG-1100 right for me?:

Ive read in various places that 2.5 release will require AES-NI.

Official informations are here:
https://www.netgate.com/blog/pfsense-2-5-and-aes-ni.html
https://www.netgate.com/blog/more-on-aes-ni.html

@pulsartiger "That said, would the SG-1100 be a good choice?"

For your future plans, I think more horsepower is needed, as @Rico suggested... =SG-5100

I, if I were in your place, I would build my own pfSense box (pcEngines APU, used thin client, used branded server from Dell, IBM, Supermicro for VM environment, etc.) with this also learns some hardware skills...

@jbomberger said in Netgate XG-7100 1u Status light:

webcam.... no.

Copy that 😉

@angeloweb said in SG-2440 USB ports:

to how the devices handle a power failure

Typically, the UPS software would / should tell you the maximum autonomy before battery depletion. Cut that time in half, and round it to to a lower minute value time. Have your systems shut down - power down - at that X minutes.
remember that batteries do loose their charge (== time before depletion) over several month. Change batteries after 2 to 3 years max.

hy @stephenw10 no i am good for now this solutions works as expected it is only a temp setup so we can prepare our network for a move to datacenter. Now we can replicate the network settings.

I just finished the cutover and indeed everything worked when I checked the tagged box for the VLANs in the switch.

Thank you everyone for your help. It feels good to have this done.