@rnmixon Ugh! After restoring the new config everything is working except for one situation:
We have a virtual IP with two rules that pass port 80/443 to the IP (IP#1) of an internal web server.
We also have a number of NAT rules that override the destination for some ports (90x2, 90x3, 90x4, ...) on that virtual IP, routing to different IPs (IP#2, IP#3, IP#4, ...) on the LAN.
NONE of the NAT rules appear to be working; the firewall log shows traffic being blocked on (for example) port 90x2 as it tries to route to IP#1 instead of following the NAT rule to IP#2.
This all worked on our original config when we were running pfSense 2.4.5 and also when it was upgraded to version 2.5.1 (though failover was now broken).
I'm guessing when I merged in the changes from the 2.5.1 config file into my old 2.4.5 config file I must have muffed something, however I'm not sure what - the syntax of the changes all looked to be the same as the 2.4.5 syntax.
Any ideas from anyone before I restore to the old config that's six weeks old and lose all my changes?
I have a similar issue after upgrading to version 21.02.2 on my Netgate SG-5100. Prior to the upgrade all OpenVPN connections were working fine. After the upgrade only one VPN connection is working; the other is connected but no traffic is passing. On disabling the VPN on connection 2, data traffic starts but not on VPN.
Not sure if it's a bug generated by the pfSense update.
In the time it took to fix this critical bug, I was able to:
Set up and thoroughly test out OPNsense in a staging environment
Find viable replacements for all the pfSense plugins and features I was using
Weigh the pros and cons of switching to OPNsense
Realize that open source pfSense has become a second-class citizen
Provision a new production firewall with OPNsense
Manually copy the configuration from pfSense to the new OPNsense box
Retire my pfSense box and switch permanently to OPNsense