Auto Upgrade impossible - Unable to check for updates

kejianshi

Assuming you have a connection, fix your DNS.

tof

Dns problème , good point. I have a bind on it, to manage private dns entry.

I activate the option : " Do not use the DNS Forwarder as a DNS server for the firewall "

I can ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) from 212.129.29.175: 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=59 time=1.041 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=59 time=1.034 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=59 time=1.023 ms

–- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 1.023/1.033/1.041/0.007 ms

I can ping google.com
PING google.com (173.194.40.99) from 212.129.29.175: 56 data bytes
64 bytes from 173.194.40.99: icmp_seq=0 ttl=58 time=1.035 ms
64 bytes from 173.194.40.99: icmp_seq=1 ttl=58 time=1.065 ms
64 bytes from 173.194.40.99: icmp_seq=2 ttl=58 time=1.055 ms

--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 1.035/1.052/1.065/0.012 ms

But still not able to get version information ...
Downloading new version information...done
Unable to check for updates.
Could not contact custom update server.

I can ping updates.pfsense.org
PING updates.pfsense.org (162.208.119.39): 56 data bytes
64 bytes from 162.208.119.39: icmp_seq=0 ttl=52 time=100.938 ms
64 bytes from 162.208.119.39: icmp_seq=1 ttl=52 time=100.937 ms
64 bytes from 162.208.119.39: icmp_seq=2 ttl=52 time=100.909 ms

--- updates.pfsense.org ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 100.909/100.928/100.938/0.013 ms

And I can do telnet on updates.pfsense.org 443
telnet updates.pfsense.org 443
Trying 162.208.119.39...
Connected to updates.pfsense.org.
Escape character is '^]'.
GET
HTTP/1.1 400 Bad Request
Server: nginx/1.6.2
Date: Tue, 24 Mar 2015 21:51:29 GMT
Content-Type: text/html
Content-Length: 172
Connection: close

<title>400 Bad Request</title>

400 Bad Request

</center>

<center>nginx/1.6.2</center>

Connection closed by foreign host

My Fw handle the public Ip. All my services are up (mails, web, vpn).
But I can't check the update.

Any other good ideas ??

Nullity

Play with DNS, Gateway, and General Settings. For example, change settings, then change back to original settings.

I occasionally experience this problem. The above usually fixes it. Just some quirk/bug, I imagine.

kejianshi

You may also get that problem while everything else seems fine if under general setup, you have " Do not use the DNS Forwarder as a DNS server for the firewall " checked.

tof

I totally stopped the DNS forwarder and the DNS resolver.
I use bind for my internal zone.
I use thdse dns servers for the public DNS :
88.191.253.51
88.191.253.52
8.8.8.8
192.168.1.254

these two pings are working :
ping -S public_ip updates.pfsense.org
ping -S 192.168.1.254 updates.pfsense.org

How verify in command line the configuration of the firmware upgrade ?

Roofus

I had same problem.

Using 'default' interface for PING I was unable to ping www.google.com unless I specifically selected one of my WAN interfaces (it would then work).

Turned out that PFSense was using the wrong 'default' in its interface selection. Once I selected the 'default' gateway for one of my WAN interfaces and saved, everything was cured and PFSense could get its updates automatically.

I believe this was because PFSense originally set up on of my LAN interfaces as WAN and I swapped this later.

Hope this helps someone…

tof

Nope …
I checked every thing and all are ok...
The default interface is ok for the Wan interface, and no gateway for the 2 others lan interfaces.

Elludium_Q-36

I hate it when no one follows through, resolves the issue, or marks it as "solved"!

I searched, but wound up posting in :

Unable to check for updates. https://forum.pfsense.org/index.php?topic=94909.0

:(

tchello

Hi, I was too with same problem without resolution in anywhere place, That I did, In my machine, I browsing the site: https://updates.pfsense.org/_updaters/latest.tgz, downloaded this file, then was to firewall into system, firmware - Enable Firmware Update, Select File, and point to latest.tgz, click in Upgrade Firmware and wait the process finished.

I hope that help u

Elludium_Q-36

Thank you, BUT…

You shouldn't have to manually download ANYTHING!!!!!

Maybe it only affects those who aren't Gold Members!

Let's see... I don't allow anything to access my LAN, so I'd probably have to download that to my desktop, then file transfer it to my pfSense machine, and then point to the file, recursively. Then, i'd need to set some utility to poll for changes to the file, on the pfSense server.

Yeah, "sure"!!!!

cmb

That means the system can't download a file from us. Most often in current versions, broken IPv6 connectivity on your system is the cause, it thinks it has v6 connectivity but doesn't. System>Advanced, Networking, check "Prefer IPv4 over IPv6". Reboot, then try again. Second most likely, DNS on the host itself is non-functional.

@Elludium_Q-36:

Maybe it only affects those who aren't Gold Members!

::) No, the software has no clue whether you're a gold member.