axxxxe last edited by
I set up an SG-3100 with pfSense 2 weeks ago. Til tonight, no issues. At about 19:30 we noticed no connection to the internet. LAN was up, but no way out to the internet.
Some time later at about 20:50 I connected to my admin subnet (192.168.5.x) to try to login to diagnose. I connected to the pfSense address with Firefox, was offered the usual pfSense login screen. I entered my username and password and Firefox then hung with "waiting".
After 5 minutes gave up and plugged in to OPT1 (backup admin interface). Again Firefox to the pfSense address (10.123.123.1) and same behavior: login screen - entered username and password and Firefox hung waiting for a response.
After a minute or two I pulled the power cord on the SG-3100 and plugged it back in (was under pressure from the SO). After reboot all ok.
Below is a log snapshot from the important time window.
How to diagnose? What are the Gateway alarms...?
If you see the login screen but nothing further in the GUI it usually means there are no available php processes because they are all hung up doing something else. If you SSH into the box (or use the serial console) and reset php you can usually get into the GUI again to investigate.
There is nothing that really looks like an error in that log. It shows the WAN gateway went down or at least that it stopped responding to ping.
The Gateway alarms are the gateway monitoring process (dpinger) logging that pings to the gateway are outside it's limits.
So initially in that screenshot because it sees over 10% packet loss, though it's also over 500ms latency which is the upper threshold for that. Then because it goes over 20%, the upper limit for loss. Then finally at 100% it's completely down.
Those values are averaged so it likely just went down completely.
axxxxe last edited by
Thanks for the helpful reply, Stephen. I will try the PHP reset trick if this occurs again. I assume there is nothing about a WAN outage that would account for a PHP overload, is that right?
I would not expect it to, no.
teamits last edited by
pfSense login screen. I entered my username and password and Firefox then hung with "waiting".
If the WAN is down the home page/dashboard's checks can take a while to time out. Really anything that does a DNS lookup can take a while especially if multiple DNS servers are configured, since they all need to time out. Possibly disabling the check for new versions might help, but obviously not after the fact. 5 minutes seems like a long time though.