Thank you @Rico.

To your point, I think having WAN plugged in certainly helps the WebGUI. I tried Chromebook, and the WebGUI does load fine. On my windows 10 devices with Chrome browser (Version 84.0.4147.105 (Official Build) (64-bit)) , it still just shows me "processing request..." forever. I have to reload the page for the dashboard to show up.

Since my LAN is working , I am not too keen to experiment with it too much. Yesterday when I was trying to setup, I got yelled at by my wife and kids for an hour while there was no network inside the house.

Now I am focused on making the OPT interface work. The primary reason why I got a Netgate device was to be able to isolate my security camera system on a separate network than my home network. I'll start a separate thread for that.

@pulsartiger said in SG-1100 right for me?:

Ive read in various places that 2.5 release will require AES-NI.

Official informations are here:
https://www.netgate.com/blog/pfsense-2-5-and-aes-ni.html
https://www.netgate.com/blog/more-on-aes-ni.html

@pulsartiger "That said, would the SG-1100 be a good choice?"

For your future plans, I think more horsepower is needed, as @Rico suggested... =SG-5100

I, if I were in your place, I would build my own pfSense box (pcEngines APU, used thin client, used branded server from Dell, IBM, Supermicro for VM environment, etc.) with this also learns some hardware skills...

@jbomberger said in Netgate XG-7100 1u Status light:

webcam.... no.

Copy that 😉

@angeloweb said in SG-2440 USB ports:

to how the devices handle a power failure

Typically, the UPS software would / should tell you the maximum autonomy before battery depletion. Cut that time in half, and round it to to a lower minute value time. Have your systems shut down - power down - at that X minutes.
remember that batteries do loose their charge (== time before depletion) over several month. Change batteries after 2 to 3 years max.

hy @stephenw10 no i am good for now this solutions works as expected it is only a temp setup so we can prepare our network for a move to datacenter. Now we can replicate the network settings.

I just finished the cutover and indeed everything worked when I checked the tagged box for the VLANs in the switch.

Thank you everyone for your help. It feels good to have this done.

Yes, you could do that. A lagg of the two 10G SFP ports is obviously higher bandwidth, potentially at least.

If you don't need that on the LAN then it makes no difference.

Steve

@dyener said in Turn off sg1100:

Do the LED lights behave better in higher-end Netgate models (SG-3100, 5100, 7100, etc.)?

I have one SG-5100 on my desk at the moment (going in production tomorrow) so here we go:

Power up:
1_SG-5100.jpg

Booting pfSense:
2_SG-5100.jpg

pfSense ready to push some packets:
3_SG-5100.jpg

After Shutdown via WebGUI (power still connected):
4_SG-5100.jpg

-Rico

Yeah, there's no hard limit on the number of instances. The total bandwidth is what counts here, the SG-3100 can pass ~100Mbps OpenVPN so you should be OK.
I also agree it sounds like you could use one remote access server for students to connect to but if you needed to use 6 that should also be fine.

Steve

What are you running on the SG-1100 to log the traffic on the span port?

I'm not sure what you're trying there has ever been tested so I couldn't tell you what sort of performance you could expect there.

The OPT port would not need any config to monitor incoming packets, I would set that to 'none'.

Do you have pf disabled?

Steve

I pulled the optional 60GB m.2 SSD and powered it up. It went through the normal boot cycle looking for a location to boot from. Looks like a need an image to load. Will likely need a new m.2 SSD as well unless I can salvage this one. I contacted Netgate and they got back to me within a few hours with the firmware and steps needed to try to recover. Big shout out to Netgate for being supportive and responsive. Will try to recover and get back up and running. Still going to buy an SG-3100 for the additional throughput.

@kiokoman Appreciate the advice, thank you! Trying to get traction on this since noon, with no avail. The post-sales experience for a brand new device is sub-par.

Yeah, it's not required and wouldn't really help anyway. If you start using SWAP you have Squid tuned incorrectly. Any system that starts swapping will usually see a massive performance hit when it does.

Steve

From what I could understand, it's related to auto negotiation.. where the master could force the slave to negotiate from 1000baseT to 100baseTX for an example
I didn't know about this master/slave thing in the auto negotiation process.

Thanks Jimp for your time answering me

@chrismacmahon hi Chris, it is back available. Thank you.

@N8LBV said in SG-2440 boot Failure:

can't load 'kernel'

Yeah that's a bit of a show stopper! 😉

Just for reference if you do use the CE image it needs to be the ADI version which enables the console on com2. If you boot the standard CE memstick you see nothing after the bootloader, though it is still booting at the wrong console.

Looks like you got it anyway but for anyone else you can request a factory image for that device by opening a ticket with us (subscription not required).

Steve

That. 👆

It cannot possibly work unless it's intended to connect to a service that is on the client. (that would be horrible though)

It's nothing pfSense is doing, certainly not related to older vs newer versions. The only way this could have worked in 2.3.5 is if you had a host override for that fqdn.

Steve

@stephenw10 I did get the IPv6 working on 3 VLANs. I was originally using a DHCPv6 64-bit prefix which left no room for subnetting. I asked the ISP (Spectrum) for a 60-bit prefix and got one no problem. My second ISP (TDS) won't be supporting IPv6 for a while but I'll be ready when they do!

Try running ifconfig ix0 -vvvm and the same for ix1.
Make sure it is 'seeing' the modules correctly and the incoming optical signal power.

Some devices require setting 1G fixed link speed to get link in a 10G port.

Steve

Just to follow up: Netgate support did modify my old configuration and it came up just fine on the new router. Fantastic experience, thanks Netgate!