I had same issue for a long time.

Then I tried pkg update -f and got an error for SunnyVally repository
I figured that I had a old version of zenarmor installed that matches the FreeBSD 14 and not 15.
Upgraded the zenarmor to the latest version.

Haven't had any of the error messages for some time now. hopefully that was it.

Maybe this can be helpfull to someone.

@greatbush while I have about 3 minutes here
do you realize that windows machines by default will not allow pings and such from outside their own subnet to come in? Just trying to rule out any issues that you might have with Windows firewall on those machines..

Yes that's correct. The 1100 has only one NIC (mvneta0) and an internal switch with VLANs to separate the ports. But, as I said, you shouldn't need to make any changes there it's detected and set automatically for any Netgate device.

@chano76
What is the pfSense version?
How did you configure the failover group?

@stephenw10 I made some further changes. I removed the gateway for that problematic tunnel and also removed keep alive etc so that it is not expected to be running at start.
That didn't changed anything for me. At next reboot, gateways are down as is WireGuard. So it seems more of a general problem, although no one else is reporting it...

@Gertjan shame on me! Didn't see that ... thanks a lot!