Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Routing all traffic through ipsec, pfsense can't update

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 4 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jca1981
      last edited by

      Hi i have a pfsense box a place where we route all trafic trough ipsec to another pfsense box, the inteternet connection does not allow any other traffic than ipsec.
      everything works great for clients but not for the pfsense box itself when i want to update the box or check for packages it does not work.
      i think i have to make a new lan gateway and maybe route netgate update ip to that (not sure what ip is used) but i am not really sure, anyone can help me?

      1 Reply Last reply Reply Quote 0
      • J
        jca1981
        last edited by

        anyone know the ip where pfsense gets its updates and packages from?

        1 Reply Last reply Reply Quote 0
        • J
          jca1981
          last edited by

          bump

          1 Reply Last reply Reply Quote 0
          • J
            jc2it
            last edited by

            It looks like you cannot manually update 2.3 and newer. Internet only. With that said it doesn't answer your question, but this shows you where the option used to be in the system.

            From: Firmware Updates - Version 2.3 and newer

            https://doc.pfsense.org/index.php/Firmware_Updates#Version_2.3_and_newer

            In 2.3 and newer versions, the update system is pkg-based, changing the available update methods. Upgrades are performed either under System > Update in the webGUI, or option 13 at the console. Manual updates are no longer available, and systems must be Internet-connected to update. 
            
            1 Reply Last reply Reply Quote 0
            • ?
              Guest
              last edited by

              • Do a config backup
              • Download the lastest version 2.4.1 64Bit
              • Do a fresh and full install on your pfSense box

              Be sure that the entire hardware is 64Bit only and that your installation is not a NanoBSD.

              1 Reply Last reply Reply Quote 0
              • J
                jca1981
                last edited by

                thanks for replying but is does not solve the problem with no internet

                1 Reply Last reply Reply Quote 0
                • P
                  PiBa
                  last edited by

                  I think youl need a workaround similar to this one: https://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN

                  Make your lan-ip the default gateway perhaps. The ipsec will probably still work going out the wan as it makes a static route of its own..

                  1 Reply Last reply Reply Quote 0
                  • J
                    jca1981
                    last edited by

                    Thanks, it worked, had to make 2 static routes bacause i can only select 0.0.0.0/1 in static routes so i made a anoter entry with 128.0.0.0/1 and updates began working.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.