PFsense CE 2.5.1 NAT broken on interface != default WAN
-
@infosamu-it since netgate hasn't released the build tools, not much we can do but wait for the next release AFAIK. 2.6.0 is an option but there are a few issues with that I know of
kernel panics #11839
counters 0/0 #11775
Also rate limiting seems broken as per another user. maybe related to #11775.pfsense fun!
-
Any timeframe we can expect a fix to be released?
Neither downgrade nor development version seems a great choice. -
I am also just a user who shares your pain, stuck on 2.5.1, any guesses will just be speculation at at this time.
-
tambem tive esse problema, resolvi assim
desabilito - starto o serviço depois desmarco e funcionou.João Oliveira
-
@joao-maria Hmm.. not sure I wan to disable firewall :-)
-
@vajonam This is not true netgate has released the right build tools. together with another user I was able build the new kernel and install and can confirm it fixes the problem. so we have to hurry up and wait for a p1 or some such release officially.
For others interested.
https://github.com/Augustin-FL/building-pfsense-iso-from-source -
@vajonam
thank you for this really detailed documentation!Maybe you can help Netgate to build -p1?
-
After many months with 2.4.5 I finally decided to upgrade to 2.5.1 last weekend and now I'm really upset about not having read the release notes and seen this topic before.
Fortunately, I had few NAT rules on the secondary links and I managed to resolve it relatively quickly, but I will have to hope that my main link does not stop.
I am miles away from the server (which is physical), rollback to the previous version is unthinkable at the moment.
-
@neo666 I have just updated my pfsense today to 2.6.0-devel and that solved the problem. And as you i am also upset that netgate can let this bug happen and not make an quick patch for 2.5.1. An other question i have is why is not the plus version of pfsense effected. Now i am forced to run devel version in production.
-
@encyklopedi The plus version is paid and despite Netgate saying they will treat pfsense CE the same as the Plus version, pfsense CE is on the slow-track. Bug is fixed in the Plus version within days, the CE version just a pet project. And nobody give me bs that it is fixed in 2.6 so CE is not going to be left behind! 2.6 and the CE version is just a big testing ground for Netgate so they can keep Plus version stable a reliable for paying customers. Why don’t they just admit it, would clear up a lot of confusion and people would be able to make a strategic choice if to continue with Netgate product or what version to choose.
-
@vjizzle I don't have a problem if that the case. But then should Netgate be open with that. So if people/corporations feel the need for quick support they know that they need to be on the plus-version and not on CE-version.
-
@encyklopedi Exactly my point. Put your big-boy pants on and just come clean and do it quick.
-
So as I start to realize now, they won't do any bug fixes anymore. Screw you guys.
-
I can not understand why this problem is not in the know issues list, people still run into this known issue... -
@slu said in PFsense CE 2.5.1 NAT broken on interface != default WAN:
I can not understand why this problem is not in the know issues list, people still run into this known issue...
https://docs.netgate.com/pfsense/en/latest/releases/21-02-2_2-5-1.html
It is in the release notes (link above), unfortunately I only found it when I was already facing the problem and after analyzing all my infrastructure because days before the firmware upgrade I had exchanged one of my gateways equipment and I thought it could be it.
In my opinion the right thing would be to remove the download file as soon as the problem has been reported, since a solution apparently will not be quick.
-
@neo666 said in PFsense CE 2.5.1 NAT broken on interface != default WAN:
It is in the release notes (link above), unfortunately I only found it when I was already facing the problem and after analyzing all my infrastructure because days before the firmware upgrade I had exchanged one of my gateways equipment and I thought it could be it.
Ok, the known issue list is grow up now since i look the last time.
-
Any solution to this problem?
From what I can figure out, Plus version is fixed, but I can't run that on my own hardware, so it's a dead end.
CE version seems abandoned in terms of fixing issues. This has been an issue for a long time now.
I've always been happy with the support and features of pfSense, but I guess it's time to move on :-(
-
@jim82 said in PFsense CE 2.5.1 NAT broken on interface != default WAN:
CE version seems abandoned in terms of fixing issues. This has been an issue for a long time now.
I don't think so, the fix is included in new versions/builds and it look like 2.5.2 is coming:
https://redmine.pfsense.org/versions/65 -
@slu IF the maintenance release 2.5.2 is coming they sure are taking all the time. Besides, the redmine does not show nearly the actual bugs in 2.5.1. The multiwan bug is not there and nothing abound an unbound fix either.
I sure am not paying a dime to Netgate, and am not planning to with this attitude. I am waiting for when I can upgrade my own hardware to a Plus version IF reasonably priced. In the meantime I enjoy 2.4.5 p1 CE.
-
Bom dia! Amigos
ainda estou na versão 2.5.0, mais diante de todos os problemas penso em mudar tirar os PF e investir em outra tecnologia já que não estamos tendo ajuda.