Which ports need to be open for Update detection ?
-
On an AWS installarion of 2.3 I have the "Obtaining update status " continuously spinning, probably due to restrictive blocking on the NetworkACL or SecurityGroup. Do you know which ports (and possible target IPs) need to be open for Update checks to work ?
Thanks -
It's probably
https://updates.pfsense.org/_updaters/
This means : port 443, not a port that could be blocked.But I guess your issue is different.
DNS is working ?
Can you
ping updates.pfsense.org
from the webgui ? Does it resolve to an IP ?PING updates.pfsense.org (162.208.119.39): 56 data bytes 64 bytes from 162.208.119.39: icmp_seq=0 ttl=49 time=114.551 ms 64 bytes from 162.208.119.39: icmp_seq=1 ttl=49 time=142.796 ms 64 bytes from 162.208.119.39: icmp_seq=2 ttl=49 time=114.759 ms --- updates.pfsense.org ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 114.551/124.035/142.796/13.266 ms -
In addition to the information on the above post, you should also check if your pfSense install can access https://pkg.pfsense.org. This is the repository where the 2.3.x+ updates come from.
-
For AWS, you need 80 and 443 to firmware.netgate.com only.
