The DHCP lease list will not show them if they are statically assigned and do not request a lease. The correct way to do this is set the DHCP range on OPT so it does not include any of the fixed IP devices. Then as a static dhcp lease for each of them manually in pfSense. They should never ask for that lease but if one of them default's to dhcp pfSense will then give it to them. The static leases are listed on the DHCP status page and they will show on-line if they have current ARP table entries. Steve

Thank you, opened ticket.

The XG-7100 will route traffic at >10Gbps (depending on packet sizes etc) but that's probably not what you mean. If you are using it as a firewall and include NAT it's closer to 6Gbps, again depending on the traffic. See: https://www.netgate.com/products/appliances/ You can add the expansion card yourself but you would need to order the fitting kit (contact sales): https://docs.netgate.com/pfsense/en/latest/solutions/xg-7100-1u/optional-expansion-card-installation.html Indeed, the eMMC is slower but that really only significantly affects boot time. You would want to use an SSD if you plan to run any packages that need to write to the drive such as Squid or something that logs a lot like Snort. 8GB is sufficient for almost everything. It's possible to upgrade that too, the SODIMM slot is on the top of the board. The Intel NICs in it will work with a wide variety of SFP+ modules but those we sell in the store are tested to work. Steve

The SG-1100 can usually pass 450-500Mbps so there may be some optimising to do there. It won't pass 716Mbps though. The SG-3100 can pass traffic at or very close to Gigabit line rate (941Mbps) so should be fine there. There are always variables here, precise numbers are hard to give. Steve

Thank you @Rico. To your point, I think having WAN plugged in certainly helps the WebGUI. I tried Chromebook, and the WebGUI does load fine. On my windows 10 devices with Chrome browser (Version 84.0.4147.105 (Official Build) (64-bit)) , it still just shows me "processing request..." forever. I have to reload the page for the dashboard to show up. Since my LAN is working , I am not too keen to experiment with it too much. Yesterday when I was trying to setup, I got yelled at by my wife and kids for an hour while there was no network inside the house. Now I am focused on making the OPT interface work. The primary reason why I got a Netgate device was to be able to isolate my security camera system on a separate network than my home network. I'll start a separate thread for that.

@pulsartiger said in SG-1100 right for me?: Ive read in various places that 2.5 release will require AES-NI. Official informations are here: https://www.netgate.com/blog/pfsense-2-5-and-aes-ni.html https://www.netgate.com/blog/more-on-aes-ni.html @pulsartiger "That said, would the SG-1100 be a good choice?" For your future plans, I think more horsepower is needed, as @Rico suggested... =SG-5100 I, if I were in your place, I would build my own pfSense box (pcEngines APU, used thin client, used branded server from Dell, IBM, Supermicro for VM environment, etc.) with this also learns some hardware skills...

@jbomberger said in Netgate XG-7100 1u Status light: webcam.... no. Copy that

@angeloweb said in SG-2440 USB ports: to how the devices handle a power failure Typically, the UPS software would / should tell you the maximum autonomy before battery depletion. Cut that time in half, and round it to to a lower minute value time. Have your systems shut down - power down - at that X minutes. remember that batteries do loose their charge (== time before depletion) over several month. Change batteries after 2 to 3 years max.

hy @stephenw10 no i am good for now this solutions works as expected it is only a temp setup so we can prepare our network for a move to datacenter. Now we can replicate the network settings.

I just finished the cutover and indeed everything worked when I checked the tagged box for the VLANs in the switch. Thank you everyone for your help. It feels good to have this done.

Yes, you could do that. A lagg of the two 10G SFP ports is obviously higher bandwidth, potentially at least. If you don't need that on the LAN then it makes no difference. Steve

@dyener said in Turn off sg1100: Do the LED lights behave better in higher-end Netgate models (SG-3100, 5100, 7100, etc.)? I have one SG-5100 on my desk at the moment (going in production tomorrow) so here we go: Power up: [image: 1595331395477-1_sg-5100.jpg] Booting pfSense: [image: 1595331417000-2_sg-5100.jpg] pfSense ready to push some packets: [image: 1595331443417-3_sg-5100.jpg] After Shutdown via WebGUI (power still connected): [image: 1595331470457-4_sg-5100.jpg] -Rico

Yeah, there's no hard limit on the number of instances. The total bandwidth is what counts here, the SG-3100 can pass ~100Mbps OpenVPN so you should be OK. I also agree it sounds like you could use one remote access server for students to connect to but if you needed to use 6 that should also be fine. Steve

What are you running on the SG-1100 to log the traffic on the span port? I'm not sure what you're trying there has ever been tested so I couldn't tell you what sort of performance you could expect there. The OPT port would not need any config to monitor incoming packets, I would set that to 'none'. Do you have pf disabled? Steve

I pulled the optional 60GB m.2 SSD and powered it up. It went through the normal boot cycle looking for a location to boot from. Looks like a need an image to load. Will likely need a new m.2 SSD as well unless I can salvage this one. I contacted Netgate and they got back to me within a few hours with the firmware and steps needed to try to recover. Big shout out to Netgate for being supportive and responsive. Will try to recover and get back up and running. Still going to buy an SG-3100 for the additional throughput.

@kiokoman Appreciate the advice, thank you! Trying to get traction on this since noon, with no avail. The post-sales experience for a brand new device is sub-par.

Yeah, it's not required and wouldn't really help anyway. If you start using SWAP you have Squid tuned incorrectly. Any system that starts swapping will usually see a massive performance hit when it does. Steve

From what I could understand, it's related to auto negotiation.. where the master could force the slave to negotiate from 1000baseT to 100baseTX for an example I didn't know about this master/slave thing in the auto negotiation process. Thanks Jimp for your time answering me

@chrismacmahon hi Chris, it is back available. Thank you.

@N8LBV said in SG-2440 boot Failure: can't load 'kernel' Yeah that's a bit of a show stopper! Just for reference if you do use the CE image it needs to be the ADI version which enables the console on com2. If you boot the standard CE memstick you see nothing after the bootloader, though it is still booting at the wrong console. Looks like you got it anyway but for anyone else you can request a factory image for that device by opening a ticket with us (subscription not required). Steve