23.09.1 to 24.03 - upgrade fails
-
@stephenw10 I like it and I'm surprised it's made it this far (it was a hand-me-down, even survived the recall), but I think I'd rather spend that money towards a new 1100 or 2100. In the meantime I can stay at 23.09.1. Thanks for all the help.
-
@04CC40 you could check lifetime with https://docs.netgate.com/pfsense/en/latest/troubleshooting/disk-lifetime.html#emmc
-
@SteveITS Gave it a shot, no dice:
[23.09.1-RELEASE][crapmin@pfSense.home.arpa]/dev: mmc extcsd read /dev/da0 open: Permission denied -
@04CC40 said in 23.09.1 to 24.03 - upgrade fails:
crapmin
crapmin isn't allowed to do admin stuff.
crapmin is not admin.No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
That won't work on the SG-2220 anyway because the eMMC is USB connected (da0). That can only read the detailed eMMC info when the controller is directly attached (mmcsd0).
I would still reinstall it as UFS with RAM disks if I had that. ZFS itself creates significantly more drive writes.
-
@stephenw10 Do I need to ask for the iso via support and reinstall via USB for this?
-
@Gertjan crapmin has failed upwards to attain su privileges, not bad for a non-IT guy...
-
@04CC40 said in 23.09.1 to 24.03 - upgrade fails:
crapmin has failed upwards to attain su privileges
I get it.
On a game / file / content server, it's good practice to create non admin users for the ordinary users.But pfSense is not a server. It's a firewall router. It doesn't share 'content' with people.
You, an admin, only connects to it when you need to change a setting. That's an admin task.
The task probably needs admin rights anyway to set some 'OS' (FreeBSD) network setting.
Ordinary "don't know nothing about anything users" don't need a user account on pfSense. They have nothing to do on pfSense.And because there are always possible exceptions : if you use a captive portal with user/password accounts, then you can add these to System> User Manager and remember that for each of them you have to set their 'right' like "Can only visit the portal login page".
edit : good security on pfSense : make the GUI only accessible on the LAN.
All other users, the ones you don't trust : create a second LAN, called OPT1, and have them use that LAN/OPT1. On this interface, block ssh and webgui access.
Now, your pfSense is secured, and they can only try to access the pfSense GUI (or SSH) if they have physical access to the pfSense LAN interface.To protect the SSH access even further :
and create certificates, so SSH access will need this certificate.
The webgui : use a password generator, and have it go wild on you.
No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
@04CC40 Yes you need the recovery image. The new Net Installer will work fine on the SG-2220 but if you want to remove the SWAP partition at install you should use the legacy installer.
-
@Gertjan VLAN's, rules and a silly Bitwarden password are in place. "crapmin" was just some self-deprecating humor.
-
0 04CC40 referenced this topic on
