That. It cannot possibly work unless it's intended to connect to a service that is on the client. (that would be horrible though) It's nothing pfSense is doing, certainly not related to older vs newer versions. The only way this could have worked in 2.3.5 is if you had a host override for that fqdn. Steve

@stephenw10 I did get the IPv6 working on 3 VLANs. I was originally using a DHCPv6 64-bit prefix which left no room for subnetting. I asked the ISP (Spectrum) for a 60-bit prefix and got one no problem. My second ISP (TDS) won't be supporting IPv6 for a while but I'll be ready when they do!

Try running ifconfig ix0 -vvvm and the same for ix1. Make sure it is 'seeing' the modules correctly and the incoming optical signal power. Some devices require setting 1G fixed link speed to get link in a 10G port. Steve

Just to follow up: Netgate support did modify my old configuration and it came up just fine on the new router. Fantastic experience, thanks Netgate!

I was afraid I would hear that. As an interim solution I actually did use a media converter (I agree with the "yuck"), because I had an extra one available. In the long run I will most likely get another switch and use that solution. Thanks for the quick and helpful reply, though!

Open a ticket with us: https://go.netgate.com/ You should always see some output there from uboot if you power cycle it, even if pfSense is not booting at all. We have seen bad cables that somehow allow the device to be seen but not any actual output. You have already tried a different cable though. Steve

Yup that. An m.2 SATA is significantly faster than the eMMC but that really only makes any difference to packages using the storage and boot times. VPN throughput would not change. Steve

Difficult to say what the issue was. U suspect it was resolved before you ran the command line update. I would expect it to fail there if there was an issue. The advantage of updating at the command line like that is it gives you some error output that usually tells you why6 packages are not available. As far as I know there is no current issue with the armv6 pkg repo and hasn't been for some weeks at least. Steve

That Crucial module is a compatible device. It removing that allowed it to run stable it was probably a bad module. Steve

I would expect to see ~100Mbps OpenVPN throughput from the SG-3100. About 3x that for IPSec using one of it's hardware accelerated ciphers. That is very depended on latency, packet size etc. Steve

@froussy What Crucial memory did you buy and how did it work out? Did you get the SATA ssd from crucial also?

@Gertjan I absolutely agree with you! Although it wasn't clear, I elided some earlier troubleshooting steps from my story. I was stuck helping a non-technical person via phone without any remote access--I had only intended to be away for the weekend and hadn't gotten around to setting up remote access and dynamic DNS yet. The power strip (in fact, it is a UPS) I had her toggle was connected to the modem, SG-1100, and the WAP, and this was my last-ditch effort to fix something. As you say, I lost my bet. @Rico thanks for the pointer to the right place in the docs! I'll open a ticket with Netgate ASAP and get started.

After doing a bit of research it looks like this is most likely related to the "Atom C2000 Series Bug" which is addressed (although not by name) here. Netgate appears to have a replacement program that covers affected devices for up to 3 years, however this bug is most likely to cause a failure after 3 years. My device has failed just shy of the 4-year mark, so it looks like I am SOL. If you are reading this and have a device that may be affected but still within the 3-year replacement period, I would recommend rebooting it early and often to make sure you are eligible for the replacement when the hardware does finally fail.

@stephenw10 I've sent you a link to the files.

That should work on port 8 as you have it configured there as long as you're using lagg0.100 as the assigned interface for the WAN. Steve

Thank you both. My SG-5100 just arrived today, so tonight's going to be fun, replacing the SG-1100.

(0x) F8 on the internal display (port 80) is the expected last thing displayed when it boots correctly. Check the second virtual comport for diagnostic info, that should always display something. The port 80 output is also shown there together with thermal values and CPU error values. Steve

Were you able to resolve this? I have no idea why you were blocked but I have now whitelisted your address so please open a ticket or email support@netgate.com and we can get you that firmware. Steve

Hmm, well you might try creating a partition with gpart. I would think that will create a new table if it cannot read one. You could then just leave that or try removing it. Steve

Thanks, I'll base the build based on that configuration. I know that I didn't specified the budget, but this is around $500 over of what I was planning to spend.