@tinfoilmatt said in Fresh install of version 2.8 fails to boot: @coffeecup25 FYI... [image: 1763342432874-21850f97-3e53-4bc1-912f-6f7cfea52688-image.png] Aren't you the clever one. So smart. FYI, I'm a terrible typist. And I never get all of my ideas out the first draft. That's that the edit button is for. Am I supposed to be embarrassed or are you supposed to look smart. Neither is true. Does your discovery somehow prove something about the issue at hand in your mind? pfSense still did not load right. And I'm not using it any longer. OPNsense has no issues like the ones I described and it appears more stable given some of the issues that mut be considered during a common, ordinary upgrade. My main router is OPNsense and so is my spare. And the disk holding the last attempt at pfSense was reformatted. Thanks for giving me the opportunity to make these final points.

@fireodo thank you very much for the help I will look into the sanity check.

I have disabled RA, there is no use for it, as I do not use ipv6

@patient0 said in The service show not running but client can connect to wireguard server.: Oh, I see, I didn't realize that the same issue existed on CE. I would like to say, CE user stumbled at first about the issue... (to check above)

@Averlon Indeed. There are valid use cases for both options. Thanks for the feedback

@ebcdic That’s also a good idea, but please, no more units with one NIC and a switch only. It’s too complicated for those small installations to use VLAN “abstraction” of interfaces. Also: it can cause issues at reboot depending on what and how it’s uplinked.

@ablephri said in Another Netgate with storage failure, 6 in total so far: the console used to work until the device didn't respond again. Ok, so chances are good that the cable is ok. Removing the EMMC was a guess then ? The '6100' is like a PC : removing a drive won't stop the system from booting. You need the console access to select from what device : an EMMC, or some SSD drive or even a USB key drive. Whatever happens with these "drives", the console will give output. @ablephri said in Another Netgate with storage failure, 6 in total so far: the computer can detect the COM port but still not be functional? On the computer side, the USB plug, and the USB chip build into the cable, will power up, and communicate with the USB host (the USB circuitry build in the PC) so the 'PC' knows that an USB device is present, and with the help of the 'ID' of the USB cable chip, it will know what kind of driver it needs. In this case : a serial connection driver, also known as a 'COM' port (in the PC world) type of device. The serial connection itself, 3 wires, a common ground, a transmit and receive line, can not be auto detected like what you see if something is "plug and play". A serial connection is something from te past century. So plugin in the cable makes the COM port avaible to the PC, but won't tell you anything about the presence of a connection = the receive line going up and down in a fixed frequency (115000 hz - you checked this bit rate of you port ? ) so a serial connection is establish. That's also you final test : on the console port, if you can find these 'TX' and RX' traces, locate the TX line. If you see the TX line go up and down frequently (shortly) after power up, you know the 6100 BIOS is outputting text. If it stays silent ........

@Echoslave said in PHP Error im Carp Modus: Habe den IP-Scanner mal darüber laufen lassen, aber das scheint alles in Ordnung zu sein. Die Regeln sind auf beiden Maschinen gleich. Was denn für nen IP-Scanner und was genau soll er tun bzw. scannen/bringen? Ein externer Scan sagt dir ja nicht, ob was mit dem Cluster fehlkonfiguriert ist :) CE ist bspw. wichtig, weil es bei Plus ne neuere Version und andere Features gibt, die damit schonmal ausgeschlossen sind, dass es daran liegt. Sind das beides Hardware Boxen? Beide auf allen Seiten mit CARP Adressen? Alle sauber eingerichtet etc.? VHIDs in Konflikt? CARP kann vielfältig in die Hose gehen, wenn man nicht alle Punkte beachtet :) Und was ist mit diesen Broken MACs, wo steht das? Cheers

They still show as tagged correctly in the VLAN? Do you see the secondary sending CARP advertisements at the slightly longer interval? Mmm, just one VLAN on a NIC is odd indeed. Seems to rule out any sort of hardware issue.... unless maybe it's hardware VLAN tagging. Does it see other traffic arrive on that VLAN when it fails? Which NICs are the VLANs on? Always on the same NIC type?

Ok got it, on the allow ipv4 rule it was set to allow from port2 networks. My nested router isn't a port2 network so it would never be passed on and thus hit the default deny. Switched that to any source network as a test and it worked.

SOLVED. Okay, we have the VMware figured out, Linux kernel issue on myside. For burning to USB, I discovered an update to rufus (v4.11) which I downloaded and ran. Burnt to USB 2.0 without error. In windows, when we look at the USB drive contents, there is nothing there. Disk Manager shows the partitions accordingly, so I assigned a drive letter to the USB stick and now can see the root of the stick - not a lot there, but that's a Windows thing. On one of our ubuntu servers I could also see the parts natively. So that told me that everything burnt properly. Booted our potential pfSense system via USB and Voila - magic happened and installed. So, my take away here is to check for things like software updates (rufus) and of course pay closer attention to the OS requirements for pfSense (i.e. the OS ver). Thanks Anitbiotic, you set me on the right troubleshooting course.

Solved reset pfsense and selected dhcp. all ok (Couldnt determine if ISP had fixed it or the reset worked)

Better option is to use a self hosted VPN on pfSense to remotely connect to devices or services on your LAN. That way you are not opening ports on your firewall for miscreants to attack. Tailscale is what i use.

@Gertjan Thanks very much for the very detailed explanation. I'm not sure that I know exactly what caused the problem, but I think that I needed to set 'Check IP Mode" to "Always use the Check IP service". It was set to Automatic (Default), and for some reason I was seeing an error with the Check IP service in the logs. @stephenw10 Thanks for the reply. In this case it wasn't Cloudflare. It was something in the way I had Dynamic DNS Set up.

Yeah I usually nuke the content entirely these days just to make it cleaner but I think only admin can do that. I can at least clean that up.

@paulatz said in Skip captive portal for static ARP: some documentation Euh, it's open source. So everything you need to know is already there. No one ever wrote a book, guide or manual about these millions of lines of 'script'. If you know what 'PHP' is : ssh into your pfSense and start to discover. this will take you some time ;) If you want write scripts for a system, you have to know (some what) that system.

@Lartax73 said in Latest pfSense release (25.11) uses FreeBSD 16 - official release is December 2027: Thanks for your explanation. So in practice, does Netgate have many issues using FreeBSD-CURRENT for pfSense 25.11 (crash, NIC driver, ZFS…)? And do they have a roadmap to migrate to FreeBSD 16-RELEASE when it comes out? I don't think there were more issue then when they followed the RELEASE channel. And no, they will stay on CURRENT (you may want to read the blog post), no going back to RELEASE.

@SteveITS Possibly something with that ESMTPSA > SMTP > ESMTPS. But yeah, who knows.

It would only be there if it was actually an SA which is unlikely for a BIOS update. I have the netgate blog page added to the RSS dashboard widget to see updates there.

I've been seeing the same since last week. One or two insta-refreshes is all it's been taking.