Hello everyone, Is there an update to this entry? Image 2 no longer seems to work/be available. Thank you very much.

@Jaritura Thank you for your reply! I replicated the settings from my former pfsense box to the new one and confirmed with what you said above. Im still missing something. On both systems I Pure NAT, Enable NAT Reflection 1:1, and Enable automatic outbound NAT for Reflection selected. Firewall -> Rules -> WAN has the required ports forwarded IPV4 TCP/UDP * * Server IP 80 * none Firewall -> NAT ->Port Forward the same required ports are forwarded WAN TCP/UDP * * WAN address 80 Server IP 80 Firewall -> NAT -> Outbound I have both set to Automatic outbound NAT rule generation mode along with two Mappings for each subnet: WAN "Network subnet" * * 500 WAN address * (Not sure why this is here? Not knowingly using IPSec) WAN "Network subnet" * * * WAN address * Neither is using a DNS Resolver

@yellowRain said in offline pfsense 25.07 and 25.07.1 installer (usb stick) doe snot work reliably: offline pfsense 25.07 and 25.07.1 installer (usb stick) doe snot work reliably Problems Installing or Upgrading pfSense Software 7 posts 3 posters 120 views 3 watching Reply YOffline yellowRain 6 days ago I tried 25.07 and 25.07.1 pfsense plus reinstall on Netgate 6100 without success. Error was "cannot connect to netgate servers". Fortunately, I had to the 23.09 offline image stick somewhere, and went with this old version. I had to apply 23.09.1, then 23.11, then 25.07.1 upgrade afterwards, and then restore 25.07.1 config. Hope you can improve the netgate server detection part, or add back an offline option. I have changed of ISP, and now I'm sure 100% there are no issues on this part. Internet connectivity was fine before the reinstallation, and I could check netgate forums, and pfsense-installer dhcp client has been detected by the ISP box during the installation. Thank you for your work. Yeah, I ran into the same issue. Super annoying that the new installer won’t work offline anymore. Glad you found a workaround though!

The behavior should be the same regardless of Nexus running. The "nologin" part will be there if the user is not part of the admins group - in which case it needs to be part of a group with the correct privilege (or the privilege added to the user itself). Please share the steps if you notice a different behavior and can reproduce it.

Hi @patient0, Already fixed :) reset and preformed a full new installation. The peer can connect and performed a successful Handshake, and ping pfsense, wireguard and lan servers. However psfsense and my Lan servers can't ping this peer even with the handshake performed. I know that ping can be misleading but don't now what else.

Squid can be configured externally, I would love a how to guide on how to do this correctly.

@johnpoz Does Netgate have a cook book recipe for configuring Squid externally, like the old one for internally? If I had this it would make it easy, I just wonder how to do this as it has to go into squid and back up to the internet etc, makes my brain hurt I only have done it inside pfsense

@jogovogo what I forgot: what pfSense version are you using? There was an issue with changing rule orders in certain situations on pfSense+ 23 and 24. https://forum.netgate.com/topic/196601/rules-order-randomly-changes https://redmine.pfsense.org/issues/16076

@elvisimprsntr Updated 25.07.1 to 1.90.6_1, copied and pasted from @elvisimprsntr's post: pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.90.6_1.pkg (Why it worked this time and not on previous updates: Over the last couple of days, I ran into the "Shared object "libutil.so.10, not found..." error that triggered the version 25.07.1 update issues some of us have been having. After I fixed that error, I decided to go back to the usual update method, and it worked.)

It is working as of today, that was weird Safari Version 26.1 (21622.2.11.11.9) Tahoe 26.1 I just went back 3000 plus posts to find this https://web.archive.org/web/20240302055716/https://forum.it-monkey.net/index.php?topic=23.0 Yeah it is working thanks

@marcosm I just upgraded to the latest version, and the Wireguard service is now running.