Dashboard unable to report current version.
-
Hmm does it have connectivity generally?
[24.03-RELEASE][admin@cedev-3.stevew.lan]/root: ping -c 2 ews.netgate.com PING ews.netgate.com (208.123.73.69): 56 data bytes 64 bytes from 208.123.73.69: icmp_seq=0 ttl=45 time=116.266 ms 64 bytes from 208.123.73.69: icmp_seq=1 ttl=45 time=116.207 ms --- ews.netgate.com ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 116.207/116.236/116.266/0.030 ms
-
Thank Stephen, I did not have remote DNS as a fallback in the general configuration. All is good :-)
Version 24.03-RELEASE (amd64)
built on Wed Apr 24 11:38:00 MDT 2024
FreeBSD 15.0-CURRENT
The system is on the latest version.
Version information updated at Sun Sep 22 13:46:46 MDT 2024 -
@ddawg355 said in Dashboard unable to report current version.:
I did not have remote DNS as a fallback
And there wasn't one initially, as none is needed. pfSense has a resolver and doesn't need any 'DNS' setting changed to make it work : it works (worked) as soon as you installed pfSense.
If 'adding an DNS' makes things work for you, this makes me think the resolver wasn't working - for pfSense itself.
And it needs to work, as it had to resolve the URLs to find the pfSense update servers. -
The 3 choices for DNS resolution in pfsense+ are:
1 Use local DNS (127.0.0.1), fall back to remote DNS Servers (Default)
2 Use local DNS (127.0.0.1), ignore remote DNS Servers
3 Use remote DNS Servers, ignore local DNSWhen I started this thread and Stephen pointed out to ping the ews.netgate.com site, it failed to resolve an IP address. So I looked into general setup and it was configured for choice 2. I changed it to choice 1 and it worked. That is the default setting but I am not sure how my system was set to choice 2. I have been running the system for over a year and it was working (update/version info on dashboard). I have a pi-hole running and the IP address is specified in DNS Server Settings. I did recently changed the IP address of the pi-hole and may have accidentally messed up resolution setting when changing the IP address.
-
That does imply that the local resolver isn't working for some reason.
You can check all configured DNS servers in Diag > DNS Lookup.
-
I do want to fully understand what appears to be a disconnect on how pfsense should be configured and behaves.
DISCLAIMER: I only have a basic understanding of networks, firewalls and the applications that configure them...
So I did experiment with the DNS Lookup in pfsense+, when option 2 (in my previous post) was enabled, nothing was returned by the pi-hole. When option 1 was selected pi-hole responded with the correct DNS record for ews.netgate.com. The pi-hole on my network is on a different subnet than the pfsense 4100 server. The pi-hole is on a trunk of one of the subnets from 4100. I don't know if that makes pi-hole a remote server but is seems to work properly when option 1 is selected.
I do not have DNS resolver enabled on pfsense. So whether its the different subnet or the fact that pfsense is not providing dns resolver services, the pfsense seems to work correctly setting option 1 in the general setup.
Thank you both for responding to my post.
-
Do you have the DNS Forwarder (DNSMasq) enabled in pfSense instead?
If not then there are no local servers and pfSense itself can only resolve against the remote servers setup in System > General settings. That means if you have option 2 set there it cannot resolve at all.
If the pi-hole is the only DNS server setup then that's the only thing pfSense can query for DNS.
-
That is exactly the case. DNS forwarder is not enabled, the only DNS server configured in the general setup is the pi-hole. So it seems the configuration is working as expected.
-
I have the very same issue with a 2.7.0 VM appliance (Hyper-V if that helps). Running pfSense-upgrade -dc returns:
[2.7.0-RELEASE][admin@firewall.doctors-lab.local]/root: pfSense-upgrade -dc ERROR: It was not possible to determine pkg remote version >>> Updating repositories metadata... Updating pfSense-core repository catalogue... pkg-static: An error occured while fetching package pkg-static: An error occured while fetching package repository pfSense-core has no meta file, using default settings pkg-static: An error occured while fetching package pkg-static: An error occured while fetching package Unable to update repository pfSense-core Updating pfSense repository catalogue... pkg-static: An error occured while fetching package pkg-static: An error occured while fetching package repository pfSense has no meta file, using default settings pkg-static: An error occured while fetching package pkg-static: An error occured while fetching package Unable to update repository pfSense Error updating repositories! ERROR: It was not possible to determine pfSense remote version ERROR: It was not possible to determine pfSense-base remote version ERROR: It was not possible to determine pfSense-kernel-pfSense remote version Your system is up to date
I can run pfSense-repoc -n, but the command does not generate any output.
I can also ping ews.netgate.com
[2.7.0-RELEASE][admin@firewall.doctors-lab.local]/root: ping -c 2 ews.netgate.com PING ews.netgate.com (208.123.73.69): 56 data bytes 64 bytes from 208.123.73.69: icmp_seq=0 ttl=52 time=11.952 ms 64 bytes from 208.123.73.69: icmp_seq=1 ttl=52 time=11.380 ms --- ews.netgate.com ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 11.380/11.666/11.952/0.286 ms
I have tried rebooting the appliance, and still run into the same issues.
[EDIT] I checked Settings -> General Setup -> DNS Server Settings -> DNS Resolution Behavior is set to "Option1". Still the same results.
-
In 2.7.0 run:
certctl rehash
Then recheck.
-
@stephenw10 said in Dashboard unable to report current version.:
In 2.7.0 run:
certctl rehash
Then recheck.
Thanks! That fixed the issue.