Which ports need to be open for Update detection ?
On an AWS installarion of 2.3 I have the "Obtaining update status " continuously spinning, probably due to restrictive blocking on the NetworkACL or SecurityGroup. Do you know which ports (and possible target IPs) need to be open for Update checks to work ?
Gertjan last edited by
This means : port 443, not a port that could be blocked.
But I guess your issue is different.
DNS is working ?
from the webgui ? Does it resolve to an IP ?
PING updates.pfsense.org (220.127.116.11): 56 data bytes 64 bytes from 18.104.22.168: icmp_seq=0 ttl=49 time=114.551 ms 64 bytes from 22.214.171.124: icmp_seq=1 ttl=49 time=142.796 ms 64 bytes from 126.96.36.199: icmp_seq=2 ttl=49 time=114.759 ms --- updates.pfsense.org ping statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 114.551/124.035/142.796/13.266 ms
In addition to the information on the above post, you should also check if your pfSense install can access https://pkg.pfsense.org. This is the repository where the 2.3.x+ updates come from.
For AWS, you need 80 and 443 to firmware.netgate.com only.