  • I've been having issues with frequent "lock-ups" on several (4) of my Netgate boxes for the past year. This started happening after updating from 2.3.4_p1. This issue never occurred prior updating from that version, and the sites that are still running 2.3.4_p1 have never had the issue. When the lock-up occurs (usually every 3-4 weeks), all Netgate interfaces looses all network connectivity, including OpenVPN, can't ping any interface, and I can't access the WebGUI. Even if I use a static IP on my laptop and connect to an interface, cannot ping interface. The console access still appears to work. Up until recently I've only had SG-4860-1U appliances but just last week this happened on a new XG-7100 running 2.4.4_1. it appears all system logs stop at time the box freezes with not apparent indication of a problem. When this happens the only thing I can do to bring it back online is power-cycle the box.

    I've completely wiped some of these appliances and reloaded pfsense and manually reconfigured, same result. Not sure what else to do so hoping someone can provide some assistance or at least things to try/check. I've searched through the forum and seen similar posts but they all seem to be related to Taffic Shaping or PFBlockerNG, neither of which I'm using. I'm not a linux person but since I can still access the console I can look for things there if given some advice or assistance.

    3 VLANS (1 with a 22 bit mask, other two 24 bit)
    Captive Portal on one VLAN
    SquidGuard for content filtering
    OpenVPN site to site
    NO traffic shaping configured
    NO PFBlockerNG


    I'm not a linux person

    We neither. pfSense isn't based on Linux.

    I can do to bring it back online is power-cycle the box.

    If you don't have to, don't.
    Power cycling is like ... well... really bad. This will introduce issues like lock-ups .... etc.
    As long as you have the console access up, use option 5.

    Captive Portal on one VLAN

    Like me.
    Never found my pfSense down.
    I do noyt have many users, though - 5 - 10 each day - 25 peak.

    OpenVPN site to site

    Not me, just for remote admin access VPN.
    Never failed on me.

    SquidGuard for content filtering

    No disk / partition space issues ? Disk-full = mega failures for sure.

    Do you use an UPS ?
    These guys take away problems that you can't see, neither detect.

    If the box becomes unresponsive on the interfaces, take copies of these



    ps ax



    Also the last several lines of


    If the console is still responsive are you able to ping out from that on all interfaces?

    If not what error do you see on which interface?


  • @gertjan

    No disk space issues, all Netgates are connected to a UPS, average use is 150 to 250 users per day through the captive portal. All these boxes are at remote sites so when they go down my VPN access is gone. However, next time it happens I will go on-site and will run the commands. I don't like power cycling the box either, will try option 5 next time (I think I tried that in the past but not sure) Thanks for the suggestions.

  • @stephenw10

    Thanks for the suggestion, I think the ping from the console fails but it's been a while since I tried that. Next time this happens I will definitely give it a try and update the post. Thanks again

