Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Issue with going from 2.7.0 to 2.7.2

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    31 Posts 11 Posters 28.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      trucmuche @stephenw10
      last edited by

      @stephenw10
      Yes, connectivity is fine. I looked for info everywhere and found some steps in this thread. I tried pkg-static upgrade pfSense-repoc and pkg-static upgrade and it messed up everything because I think I went too far.

      I just did a fresh install and I am now running 2.7.2. The installer restored the config.xml but none of the packages are installed. The same issues are still here:

      • Available packages page shows "Unable to retrieve package information".

      • pkg-static -d update shows:

      DBG(1)[3313]> pkg initialized
      pkg-static: Unable to open '/usr/local/etc/pkg/repos//pfSense.conf':No such file or directory
      No active remote repositories configured.
      

      Internet connectivity is fine on pfSense and on the network behind it.

      UPDATE:
      Reading your latest message above for @Understudy, I tried pfSense-upgrade and it seems to have recreated the database. After another restore and reboot, everything seems to be back to normal. It was not easy, but thank you for all the information on this forum.

      stephenw10S 1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator @trucmuche
        last edited by

        @trucmuche said in Issue with going from 2.7.0 to 2.7.2:

        pkg-static: Unable to open '/usr/local/etc/pkg/repos//pfSense.conf':No such file or directory

        Just for reference if you see that error just resave the repo branch or select a different branch and then switch back (which also resaves it).

        M 1 Reply Last reply Reply Quote 1
        • UnderstudyU
          Understudy @stephenw10
          last edited by

          @stephenw10 said in Issue with going from 2.7.0 to 2.7.2:

          @Understudy said in Issue with going from 2.7.0 to 2.7.2:

          I said No so I could show this issue that showed up on the mismatch.

          What version are you upgrading from?

          If you run pfSense-upgrade it allows for an ABI mismatch like that. But CE has been built on 14 for sometime now.

          Tried it again. Different message.

          [2.7.0-RELEASE][admin@Ignis.brendhanhorne.com]/root: pfSense-upgrade
          ERROR: It was not possible to determine pkg remote version
          >>> Updating repositories metadata...
          Updating pfSense-core repository catalogue...
          pkg-static: An error occured while fetching package
          pkg-static: An error occured while fetching package
          repository pfSense-core has no meta file, using default settings
          pkg-static: An error occured while fetching package
          pkg-static: An error occured while fetching package
          Unable to update repository pfSense-core
          Updating pfSense repository catalogue...
          pkg-static: An error occured while fetching package
          pkg-static: An error occured while fetching package
          repository pfSense has no meta file, using default settings
          pkg-static: An error occured while fetching package
          pkg-static: An error occured while fetching package
          Unable to update repository pfSense
          Error updating repositories!
          ERROR: It was not possible to determine pfSense-upgrade remote version
          ERROR: It was not possible to determine pfSense-upgrade remote version
          >>> Upgrading pfSense-upgrade... failed.
          [2.7.0-RELEASE][admin@Ignis.brendhanhorne.com]/root:
          
          
          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator @Understudy
            last edited by

            @Understudy said in Issue with going from 2.7.0 to 2.7.2:

            pfSense-repoc-static: failed to fetch the repo data
            failed to read the repo data.
            failed to update the repository settings!!!

            Send me your NDI in chat and I'll check it.

            1 Reply Last reply Reply Quote 1
            • C
              CZEMacLeod @Understudy
              last edited by

              @Understudy @stephenw10 I had exactly the same issue - and under the GUI it was all showing green. Saw a youtube video about the patch and the fixes it includes and wondered if I had it.

              The UI said the current stable 2.7.2 branch was selected. And that the current/latest and installed (base) versions were 2.7.0 and were up to date. I almost assumed that meant that the .2 update didn't show there and I was all good.
              Only after checking this forum and trying option 13 and getting the same then fixing it with the
              certctl rehash
              command then following up with
              pfSense-upgrade
              did it suddenly spring back into life.

              I really wish there was a better UI display that something had gone wrong here and that I was actually out of date.
              Is the rehash thing something I should get it to run on cron weekly or something to ensure this doesn't happen again?

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                No going forward from 2.7.2 that is run before checking anyway. You don't need to do anything further.

                1 Reply Last reply Reply Quote 2
                • UnderstudyU
                  Understudy
                  last edited by

                  Ok, the situation for me ended up being a cert issue.

                  certctl rehash
                  

                  it also may have taken a bit of tweaking on some of the servers but it did get addressed and my running certctl rehash and pfSense-upgrade ended up being successful.

                  So we now have 2.7.2 running on the equipment.

                  Thank you all again.

                  1 Reply Last reply Reply Quote 1
                  • M
                    mmmzon @stephenw10
                    last edited by

                    @stephenw10 Your suggestion did help solve the problem in my system upgrading from 23.05.1 to 23.09.1, nothing else worked.

                    1 Reply Last reply Reply Quote 1
                    • H
                      HaOsLsE
                      last edited by HaOsLsE

                      Wow. This update sure caught me by surprise. I've been using this for probably 15yrs+ at least. Like everyone stated my 2.7.0 said all up to date...good to go and 2.7.2 was ready to install. It appeared to install fine I guess...I freaked after it didnt come up after 2-3 min because I know it boots faster than that. Then I saw the console was at a login prompt and not the normal prompt after a full boot displaying all the interfaces.

                      Anyways after this upgrade. I've learned my lesson. This is the 2nd time an update crashed my system and I had to go to the console. I mean that's not bad over 15yrs+ of using pfsense. I need to do some reading up on whats new and whatnot. I did notice at a quick glance I saw something about the dhcp server at the end of life. From now on before upgrading I will read forums for any problems. I always wait to upgrade anyways. I also wait in the professional world just because of stuff like this.

                      So if anyone wants to just go straight to what worked for me to quickly get it up. First you need to have a kind of recent backup. Which I did have and it was version 2.7.0. I had a full backup with RRD Graphs/packages/etc. I downloaded 2.7.2 and installed it clean, accessed the web gui and restored. Then went back to the console to make sure it had the interfaces aligned still. Logged back in and everything was re-installing in the background. After a few minutes everything came back up. 2 LANs, 2 DHCP...static mappings...etc. Once reinstalling it just took a few minutes to put the backup file on and home networks were up in no time.

                      HTH - now off to read up on what all is new.

                      I am Hole.

                      1 Reply Last reply Reply Quote 1
                      • A
                        asage
                        last edited by

                        I also had this issue and certctl rehash fixed it. It would be nice to see an error message when checking for updates on the dashboard instead of thinking everything is fine. Also in case anyone can't boot after the update you may need a BIOS update. Here's my experience https://forum.netgate.com/post/1151342

                        1 Reply Last reply Reply Quote 0
                        • GertjanG Gertjan referenced this topic on
                        • G Gblenn referenced this topic on
                        • R RickyBaker referenced this topic on
                        • R RickyBaker referenced this topic on
                        • L lightingman117 referenced this topic on
                        • R RickyBaker referenced this topic on
                        • georgelzaG
                          georgelza
                          last edited by

                          I'm having similar issues... So I had pfSense deployed on a old Celeron chip/box...
                          did a backup, got new Topton based on a U300E installed, Had problems to get the backup restored so copied the backup as config.xml to /conf and restarted.

                          discovered none of my packages are installed... and thinking also why my inbound routing to a HA deployed inside network is failing... I have outbound, strangely my inbound onto my OpenVPN is working... so CloudFlare which I use to proxy me is routing to the new device.

                          Below is the error i get if I execute:

                          pkg-static -d update

                          * Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
                          * Hostname pkg00-atx.netgate.com was found in DNS cache
                          *   Trying 208.123.73.207:443...
                          *   Trying [2610:160:11:18::207]:443...
                          * Immediate connect fail for 2610:160:11:18::207: No route to host
                          * Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
                          * ALPN: curl offers http/1.1
                          *  CAfile: none
                          *  CApath: /etc/ssl/certs/
                          * SSL certificate problem: unable to get local issuer certificate
                          * Closing connection
                          pkg-static: An error occured while fetching package
                          DBG(1)[44631]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.txz
                          DBG(1)[44631]> curl_open
                          DBG(1)[44631]> Fetch: fetcher used: pkg+https
                          DBG(1)[44631]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.txz
                          
                          DBG(1)[44631]> CURL> attempting to fetch from , left retry 3
                          
                          * Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
                          * Hostname pkg00-atx.netgate.com was found in DNS cache
                          *   Trying 208.123.73.207:443...
                          *   Trying [2610:160:11:18::207]:443...
                          * Immediate connect fail for 2610:160:11:18::207: No route to host
                          * Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
                          * ALPN: curl offers http/1.1
                          *  CAfile: none
                          *  CApath: /etc/ssl/certs/
                          * SSL certificate problem: unable to get local issuer certificate
                          * Closing connection
                          DBG(1)[44631]> CURL> attempting to fetch from , left retry 2
                          
                          * Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
                          * Hostname pkg01-atx.netgate.com was found in DNS cache
                          *   Trying 208.123.73.209:443...
                          *   Trying [2610:160:11:18::209]:443...
                          * Immediate connect fail for 2610:160:11:18::209: No route to host
                          * Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
                          * ALPN: curl offers http/1.1
                          *  CAfile: none
                          *  CApath: /etc/ssl/certs/
                          * SSL certificate problem: unable to get local issuer certificate
                          * Closing connection
                          DBG(1)[44631]> CURL> attempting to fetch from , left retry 1
                          
                          GertjanG 1 Reply Last reply Reply Quote 0
                          • GertjanG
                            Gertjan @georgelza
                            last edited by

                            @georgelza said in Issue with going from 2.7.0 to 2.7.2:

                            nable to get local issuer certificat

                            Check here : https://forum.netgate.com/topic/188678/network-performance-issue-using-pfsense-v-2-7-0-running-as-router/7?_=1730106199669

                            No "help me" PM's please. Use the forum, the community will thank you.
                            Edit : and where are the logs ??

                            1 Reply Last reply Reply Quote 0
                            • stephenw10S
                              stephenw10 Netgate Administrator
                              last edited by

                              So your new device is running 2.7.0 not 2.7.2?

                              If so you'll need to run certctl rehash to upgrade.

                              georgelzaG 1 Reply Last reply Reply Quote 0
                              • georgelzaG
                                georgelza @stephenw10
                                last edited by

                                @stephenw10 you will notice above i did...

                                eventually got it upgraded to 2.7 then did a restore of backup again and then a resupply of credentials, followed by haproxy which was the critical/missing app to allow inbound routing.

                                G

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.