4. PfSense GUI Unresponsive following WAN down/Flap

PfSense GUI Unresponsive following WAN down/Flap

  • M

    I don't know where to start attempting to figure this one out. I purchased a Supermico A1SRM-LN7F-2758 for the purpose of building a pfSense firewall. I have a very basic setup with two WAN connections (I have not configured failover). I do have the Enable default gateway switching activated but that is about it.  I had stated installing a few available packages such as pfBlockerNG, squid, and squidGuard. Everything ran fine for a while. I am running 2.3.3-RELEASE-p1 (amd64). sometime around 3.3.2 was installed I started having issues where I have to restart pfSense every 24-48 hours to keep it running. The first symptoms indicating that something is getting unhappy is that I can no longer get in the GUI but traffic seems to be okay. If I wait a while in this condition, all traffic to the internet seems to stop. Sometimes I can ssh into the box and restart PHP-FPM and I can then access the GUI. I can make the behavior happen almost immediately by unplugging a WAN port and plugging it back in. Searching the board I did find that setting kern.ipc.nmbclusters to 1000000 seemed to help some others. For me, I thought it helped but likely not. I am a bit of a novice and worked on this project as a learning opportunity. I am but of a novice at Linux but learning a but nonetheless.

    I am about to the point of purchasing a couple of incidents. before doing that I am hoping someone could give me a few suggestions on where to start looking and hopefully resolve my issue.

    Thanks,

    Markn455
    N. GA

    0
  • F

    It's by design. When the default gateway switch, all states are killed. So your connection to webgui becomes invalid. But after a while you should be able to login again. If the gateway is flapping can be annoying

    0
  • M

    In my example, I was pulling the cable from WAN2 port which is not the default gateway. When this occurs, I can't log into the GUI so I am actually establishing a new connection to the GUI. My WAN2 connection is a satellite link which has high latency to very high latency. I have attempted to change the monitoring settings to compensate. Nevertheless, the alternate WAN2 gateway can get marked down multiple times a day and sometimes multiple times an hour. But again, this is not the default gateway. Perhaps I should attempt to adjust it more.

    Currently have WAN2 removed and just running a day or so without it in the mix and see what happens. Thanks for the information, this certainly gives me something else to check.

    At the end of the day I hope to have the DSL on WAN1 and the Satellite link on WAN2. The only time WAN2 gets used would be if WAN2 goes down. I know it's not ideal setup but we are out in the middle of nowhere and that is all we have for Internet. No Cable anywhere in the area.

    Mark

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy