Hi, the ipsec speed is limited by upload speed at remote site due to ACKs. Having said that I have issue with SG-3100 - I cannot get greater than 45 Mbps on a physical 100Mbps fiber link to my home pfsense which is 940Mbps fiber, whereas I can 380Mbps+ to a SG-5100 on physical 500Mbps link, and 180Mbps to a SG-4860 on a 200Mbps physical link. My home is a home-built pfsense running i7. I will open another thread on this.

You (or verizon) will need to run a ethernet cable from your ont (box on side of building) to your router location, then call verizon and they will activate it. The other option is to put your G-1100 into bridge mode. There are instructions for this all over the internet. This is a reputable site here (https://www.dslreports.com/forum/r31057540-Networking-HOW-TO-Bridge-G1100-So-your-Router-becomes-Primary)

I was thinking about it overnight. If you want to save money, build your own. How about something like this (https://www.amazon.com/gp/product/B077Y8JR1R/ref=ox_sc_act_title_1?smid=A1JJPPPLBAC13R&psc=1) with a asrock combo board in it like this one (https://www.amazon.com/ASRock-J4005B-ITX-2-7GHz-Mini-ITX-Motherboard/dp/B079GFD84R/ref=sr_1_3?keywords=asrock+combo+board+mini+itx&qid=1581686651&sr=8-3) It will allow you to use a pcie intel 2 or 4 port nic

@stephenw10 said in Sg-3100 Trunk Port: You don't need to assign the parent interface (mvneta1) to use VLANs on top of it. Though you may want to if you want untagged traffic to pass through the switch completely. Setup the VLANs you need as interfaces and assign/enable them. Then in the switch config switch it to 802.1q mode and add the vlans you configured making sure they are set as tagged on the port(s) you want and tagged on port 5, the internal port. Steve stephenw10 Thank you for all the info

You mean like a 3g/4g modem? To connect to what? Internal/external?

Something like this: https://www.amazon.com/dp/B00G059G86/ or this one: https://www.amazon.com/AC-Infinity-MULTIFAN-Receiver-Playstation/dp/B00G05A2MU That last one "might" be a double fan kit, attached together with a single USB cable. Jeff

Thanks all, support was awesome and did indeed get this resolved.

This same thing has happened to me the last 3 installs over the course of a few years.

The internal ports are 2.5G each so I would be surprised if it's a problem.

It should not really be needed as the 'usbrecovery' command includes 'usb reset'. However recently I have found some USB sticks that are not initially recognised can be found if usb reset is run a number of times. Steve

Hi @Gertjan Sometimes we do not have access and we could ask users to unplug/plug SG-1100 but it could cause fs corruption. Asking user to push a button would be better.

Yes the value passed by ACPI for zone 0 is invalid. Use the CPU core temp value to get an accurate temperature reading. Steve

I ended up using option 15 to restore from a recent config as running etherswitchcfg vlan_mode DOTQ did change the cfg, but the device was still unaccessible so restoring was the only option. 0) Logout (SSH only) 9) pfTop 1) Assign Interfaces 10) Filter Logs 2) Set interface(s) IP address 11) Restart webConfigurator 3) Reset webConfigurator password 12) PHP shell + pfSense tools 4) Reset to factory defaults 13) Update from console 5) Reboot system 14) Enable Secure Shell (sshd) 6) Halt system 15) Restore recent configuration 7) Ping host 16) Restart PHP-FPM 8) Shell /Closed

You should contact support using https://go.netgate.com and they can help you out directly

Please open a trouble ticket at https://go.netgate.com/ If you reference this thread it will speed up the process. Thanks.

To power it back up either disconnecting the power or using the reset button will reset the CPU and start the boot process. Steve

The SG-5100 has 2x igb NICs and 4x ix NICs. There is not much difference between them, both are Gigabit NICs even though the ix NICs use the 10GbE driver. The ix NICs are theoretically marginally better performing however the ix driver does not support altq so traffic shaping on those NICs can only use Limiters. Steve

I'd use a 19" slotted shelf and cable tie the power supply to the back or side. Leave space above for cooling.

This unit has no cooling fans inside, it just cools thru the metal case. So, don’t rack it next to any really hot gear. If it were me, I’d stick it bottom-of-rack, on a shelf and give it some breathing room. Maybe even a small fan, like you mentioned.

You should be able to use any of those subnet sizes and it should pass that to clients. Check the DHCP setting in Services > DHCP Server > LAN. It will show you there what the subnet and available range is. You can't set a different subnet size. Do you actually see those Windows and Mac clients listed in Status > DHCP leases? I'd say it's more likely you have a rogue dhcp server somewhere. At least 1 given you have clients showing /8 /12 /16/and /24! Steve