I ended up using option 15 to restore from a recent config as running etherswitchcfg vlan_mode DOTQ did change the cfg, but the device was still unaccessible so restoring was the only option.

0) Logout (SSH only) 9) pfTop 1) Assign Interfaces 10) Filter Logs 2) Set interface(s) IP address 11) Restart webConfigurator 3) Reset webConfigurator password 12) PHP shell + pfSense tools 4) Reset to factory defaults 13) Update from console 5) Reboot system 14) Enable Secure Shell (sshd) 6) Halt system 15) Restore recent configuration 7) Ping host 16) Restart PHP-FPM 8) Shell

/Closed

You should contact support using https://go.netgate.com and they can help you out directly

Please open a trouble ticket at https://go.netgate.com/

If you reference this thread it will speed up the process.

Thanks.

To power it back up either disconnecting the power or using the reset button will reset the CPU and start the boot process.

Steve

The SG-5100 has 2x igb NICs and 4x ix NICs. There is not much difference between them, both are Gigabit NICs even though the ix NICs use the 10GbE driver.
The ix NICs are theoretically marginally better performing however the ix driver does not support altq so traffic shaping on those NICs can only use Limiters.

Steve

I'd use a 19" slotted shelf and cable tie the power supply to the back or side.

Leave space above for cooling.

This unit has no cooling fans inside, it just cools thru the metal case. So, don’t rack it next to any really hot gear. If it were me, I’d stick it bottom-of-rack, on a shelf and give it some breathing room. Maybe even a small fan, like you mentioned.

You should be able to use any of those subnet sizes and it should pass that to clients.

Check the DHCP setting in Services > DHCP Server > LAN. It will show you there what the subnet and available range is. You can't set a different subnet size.

Do you actually see those Windows and Mac clients listed in Status > DHCP leases?
I'd say it's more likely you have a rogue dhcp server somewhere. At least 1 given you have clients showing /8 /12 /16/and /24!

Steve

If it's configured but not assigned as an interface in pfSense then no traffic will use it.

It can be removed from the switch config if you wanted to add Eth1 to vlan 4091 so all 8 ports are LAN for example.

Steve

Ha, nice catch though!

Good to hear.

Keep an eye on it, it's not clear what caused that.

Steve

So the fix for anyone looking for this issue is to halt the system, remove power for 10+ seconds and power on. Not exactly ideal if the system is your main internet gateway. It does however fix the issue.

Yes, only the LAN has any firewall rules by default. Any additional interfaces you assign must have rules added to pass the traffic you need.

Steve

subnet mask?

What connection type is that? It looks like it's probably a static IP with statically configured gateway. By default that will use the gateway as the monitor IP but you may have set something else.
If the monitor IP doesn't respond to ping it will show as down.

It looks to be linking up OK though.

Steve

NVMe is not supported in the SG-3100.

https://docs.netgate.com/pfsense/en/latest/solutions/sg-3100/m-2-sata-installation.html

I’m suggesting use the standard servers instead of secure core. Nord? Yuck stick with proton

I’ve used alternate dns servers for over a decade

The Eth ports on the XG-7100 are connected via the internal switch. You can configure them however you wish but by default Eth1 is WAN (lagg0.4090) and Eth2-Eth8 are LAN (lagg0.4091).
See: https://docs.netgate.com/pfsense/en/latest/solutions/xg-7100-1u/switch-overview.html

You can also use the etherswitchcfg command to see the current switch config from the command line.

Steve