You should call our sales guys if you have not already.

Steve

Yes, Thank you, lower than my current setup which uses 26-35 watts. (I'm in the UK)

If the VLAN looks to have the correct MAC it's probably OK but...

In Interfaces > Assign add mvneta0 as a new interface. It will be OPT2 unless you've already added something else.

Go to Interfaces > OPT2 and enable the interface. You can rename it and spoof the MAC there. Leave IPv4 and v6 config types as none. Save and apply.

You only need to do that so the interfaces is available to spoof the MAC. The interface itself is not used for any other purpose.

Steve

@stephenw10 Thanks for your answer. I'll have opendns servers work ;-)

Thank you - I wanted to give an update - I have resolved my issue.

I was able to boot into single user mode and back up the config to a usb stick, and then I was able to manually fsck the drive to try to repair it. fsck said it worked and marked the filesystem clean, however after rebooting it kernel paniced with the same ffs_valloc error as before. So what I did is I replaced the msata drive and installed pfsense on that from a usb drive and since I had backed it up using the instructions provided in the link above, I was able to recover the same config easily.

So, thank you.

Were you able to get this configured?

Which ports are you using?

I assume you still need filtering on the bridge ports?

Steve

The reset button on the XG-7100 does not reset the config, it only performs a CPU reset.

You will need to connect to the serial console using a terminal emulator such as putty. Then you can reset the config or roll back the lagg changes from the console menu. I see you have the cable connected but I don't see screenshots attempting to use it.

Steve

Anything in the system log at that time?

Any errors collisions on the WAN in Status > Interfaces?

You see the same restriction on all internal interfaces? Have you been able to determine if this is an issue with the WAN or one of the internal interfaces?

Is it resolved by, say, disconnecting/reconnecting the WAN cable? Or re-saving the WAN interface?

Steve

Yes, ~350Mbps is the most you will see from the original APU.

I do recall one user adding an Intel mPCIe dual NIC card and seeing closer to 500Mbps but at this point upgrading the unit is the only practical option.

Steve

@DomiX : to minimize troubles in many way, protect the livebox (VDSL router) with the same UPS as you use with your SG.

NMI ISA 60, EISA 0 I/O channel check, likely hardware failure. panic: NMI indicates hardware failure cpuid = 4 KDB: enter: panic

The errors indicate a hardware failure, but there isn't enough detail to say for sure what component since it's not a full MCE log, just an NMI. You might be able to go into the BIOS and get more detail from there.

Open a ticket with us at https://go.netgate.com. We'll get that taken care of for you.

Steve

The files on that old ADI github are for RCC-VE (SG-2440/4860/8860). The XG-7100 uses ADI_PLCC.
ADI_PLCC-01.00.00.11 is the current version, from April 2019.

Steve

Thanks for the help folks! I'm up and running on the m.2 now, it didn't like my Kingston USB3 stick so I switched it out and it's good now.

@stephenw10 SG-3100 arrived today. Same LAN-WAN testing results below. LAN box on 192.168.1.100, WAN box on 10.10.10.10. 100% vanilla install fresh out of box. Thanks for all your help.

SG-3100 WAN-LAN share.png

@NogBadTheBad Thanks for the link. I have already done that. The power is still too bright. The problem might be the cheap plastic case, as the light just leaks and flows out in all directions. If the case was make of good solid material at least the light would not leak and then a simple masking tape on the top would have done the trick.

Hmm, I doubt booting from a USB card reader has ever been tested. While I might expect that to work it doesn't entirely surprise me to find it doesn't. Coreboot is not as flexible as some BIOSes.
As far as I know booting from a USB memory stick in the USB3 slot works fine.

Steve

It's impossible for us to recommend you open the power supply. I could only suggest you get a replacement identical PSU if you need to replace a worn fan there and it's out of warranty.

That appears to be this: https://store.supermicro.com/200w-1u-pws-203-1h.html
Confirm that physically before ordering though since I don't have access to check directly.

Steve

It would eventually though I've never seen it get hot enough to happen. I think there's a setting in the BIOS for that. No reason the change it though.

Separating LAN from wifi clients is generally good practice but it can cause problems for some services that reply on a single layer 2 to 'see' each other.
As with most things security is convenience is a trade off.

Steve