Old pfSense 2.0-RC1 box



  • We have an off again on again client that recently asked us to start doing work again. We installed a pfSense 2.0-rc1 firewall many moons ago and it had some issues today. I know it needs to be replaced but to say they are stingy with funds is an understatement. We managed to get them back up today by rebooting the firewall a couple of times. For us that means it needs to be replaced. To them it means it's working and it's fine. Whatever...

    The issue I came across is the interfaces configuration screen for both LAN and WAN.0_1543507061179_bff7ebbc-6777-4836-90f6-f1a45aeed198-image.png
    Literally, all I see is the enable checkbox and Save/Cancel. There are no other options. Was the configuration in a different place back then or is the install broken? I don't ever remember it being in a different spot.



  • the install is borked. probably filesystem corruption due to power failure or harddisk starting to fail or ....


  • Rebel Alliance Global Moderator

    @stewart said in Old pfSense 2.0-RC1 box:

    I know it needs to be replaced but to say they are stingy with funds is an understatement.

    Tell them its BROKE - which it is, and they need a new one.. Done ;) Doesn't matter how cheap they are..


  • Rebel Alliance Developer Netgate

    It's also possible your browser was hiding things that show/hide with JavaScript. For example, Ad blockers, script blockers, etc. can all interfere with pages like that. Could also be the browser itself (use FF or Chrome, not IE or Safari, to be safe)

    Less issues like that on the modern bootstrap UI, but it can still happen.


  • Rebel Alliance Global Moderator

    Browser issue or not "2.0-RC1" needs to be replaced...

    It is BROKE!!! Replace it - or see if you can load current on the hardware.


  • Rebel Alliance Developer Netgate

    Definitely, but if their browser is busted, it could still be busted with 2.4.4 :)



  • We've pitched them to replace it, most recently in September when they moved. We can always throw in another box if this one really goes belly up. I just didn't know if there was something I was missing or if it is messed up. It's been a long time since 2.0 so I wasn't sure. Thanks!


  • Rebel Alliance Global Moderator

    That was before Sept 2011, since that is RC1 ;)



  • @johnpoz I didn't realize we had been using pfSense that long! Before that was Untangle. Before that was IPCop. While I wish there was more graphically like Untangle has (or graphs in the reporting like there used to be before the overhaul) it's overall a much better product. All the products have great featuresets but to me it comes down to how can you troubleshoot and fix it. It's fun to implement IPSec VPN and get that traffic flowing or setting up IDS and watching all the malicious IPs getting blocked.

    It's not as much fun when something breaks and I love how much you can get your hands dirty sorting out whats happening to get it fixed. VOIP not working and you can't tell from the logs? Drop to CLI and run tcpdump on the interfaces simultaneously. Open them both up in wireshark and show the provider exactly what was received, how it was passed, and how the response came through and was sent. They always claim it's the firewall and so far I've always, ALWAYS shown them it isn't.


  • Rebel Alliance Global Moderator

    And not even updated... Only excuse I could see for being on 2.0RC1 was they dropped you for support before 2.0 even dropped which was Sept 2011..

    Yeah used IPcop back in the day - never a fan of untangle ever.. Its a bloated POS if you ask me.. And that they support arp poisoning as a mode of operation is just utter nonsense.. You can put all the lipstick you want on a pig, fancy dress even and wig if you want - in the end its still a pig... ;)


  • Netgate Administrator

    I too came from IPCop. That was a while back though. 😉

    What hardware are they running that on?

    Whatever it is they will be able to update to a far newer version for nothing. Unless maybe it's something with 128MB RAM!

    Steve



  • @stephenw10 Core2Duo something. That's all I remember at the moment. It's got a few grey hairs!


  • Netgate Administrator

    Should run 2.4.4 then assuming sufficient RAM. It would probably run OK in 512MB but I'd want to see 1GB really.

    If it's Nano and running from some tiny flash you might need a different boot medium.

    Might only cost your time.

    Steve



  • @stephenw10 I know it has at least 1GB of RAM but a platter drive at over 7 years old spinning 24x7? I can only imagine it breaks 3 months down the line and they expect us to cover it. No, I've got to say all or nothing on that box. Besides, a small PC is cheap enough to throw in there. If I'm replacing the drive might as well replace the whole thing.


  • Netgate Administrator

    No arguments from me. 😉


  • Rebel Alliance Global Moderator

    Why not throw in an actual appliance from netgate.. 3100 say?



  • @johnpoz I've been iffy on using ARM devices over x86. We use the APU2C4 with 4x the storage and x86 feels like it's a lot more powerful than an ARM for running the extra services, all at ~$150 less. While the 3100 does have a switch built in, we just wouldn't utilize it. I really like the 4220 and think it would be perfect with 1 more port. Grrr... We utilize the third port for their dual-wan or creating a CDE for PCI Compliance. And $200 for the whole kit would be perfect. I would just need a third port. If there were a version of it for $249 with 3 ports or $299 with 4 ports it would probably be our go-to product.


  • Rebel Alliance Global Moderator

    From my understanding there is a new box suppose to hit pretty soon.. Not sure of the details but suppose to be a great price point, etc.



  • @johnpoz I'll cross my fingers!