Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Installation glitches on 2.1-RELEASE

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    1 Posts 1 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sergei
      last edited by

      pfSense 2.1 looks like a decent firewall, but there are several glitches in the
      installation and configuration wizard, which would cost you a couple of days, a
      few clean installs or resets to defaults, plus more than a basic knowledge of the
      IP routing/networking and Linux administration.

      1. The initial setup should be done from the console on the PC running pfSense,
        so the headless installation is impossible. (Firewalls are usually on the racks
        in the server room, no keyboard or display attached.) Installing pfSense on one
        computer (with a display) and the moving the HDD to a slightly different computer
        does not work (Linux distributions usually survive such migrations.)

      2. The initial setup requires configuring interfaces for WAN and LAN. After configuring
        WAN pfSense suggests to use https://wan_ip_address for further configuration, but
        this obviously does not work because all WAN ports are initially (and correctly) closed.
        _Luckily, after configuring LAN, pfSense suggests to use https://lan_ip_address for further
        configuration, and this really works, because all LAN traffic is allowed by default.

      4. Running web installer on https://lan_ip_address starts the installation wizard.
        Here you find out that some of your previous WAN installations (step 2), like the default
        gateway address on WAN, are forgotten, the same for the forgotten DHCP range for LAN
        (you already set up in step 3).

      5. The most difficult installation error (quite impossible to figure) is that after all wizard
        manipulations, you cannot ping remote hosts from the LAN, although DNS works, and all
        traffic from the LAN to WAN is allowed by default. The secret is that you have to say
        NONE to the LAN gateway(another option is GW_LAN…), although the default gateway on
        the LAN should and does exist (192.168.1.1 in my case). This is very confusing.

      6. The ssh service (unlike other services like dhcp) cannot be switched on/off from the web
        interface. Bad luck if you forgot to enable it from the console setup in step 1 and
        disconnected the display.

      7. Bad luck if you disconnected the display and ticked the boxes "Block private and bogon
        networks". This immediately cuts you off from remote web-administering your computer on
        the LAN (although the provided explanation says they should be turned ON). You need to
        restart form step 1.

      8. For some unknown reason the TCP port 21 (ftp, who uses it anyway?) is open by default,
        and cannot be closed.

      9. The pfSense search engine is quite weak, google with site:ofsense.org is more productive.

      10. Although I checksumed the CD and burned it with checks on several computers, there is some

      Medium error asc: 11, 5 (L-EC uncorrectable error)_

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.