SG-3100 Hangs after internet outage
I have a SG-3100 that for the last couple nights, excuse me for my IT ignorance, it hangs. Can only presume the incoming internet, cable modem (Virgin Media, Ireland), falls over and we loose internet connection. The pfsense is connected to Unifi switch and unifi AP's, and even though I am connected wirelessly, I can't get to the IP of the pfsense via a browser to restart it (ipad/iphone/macbook pro)? And therefore can only reset it by "pulling the plug" which obviously am reluctant to do.
Any suggestions? Is the firmware corrupt? Surely if it was a brief outage from Virgin then the pfsense will recapture a new IP address if given by the cable modem and carry on (the VM router is in "modem mode").
SG-3100 running 2.4.5.
Thanks in advance.
Gertjan last edited by Gertjan
Connected to the LAN interface, your devices, using DHCP, still receive an IP (and mask, gateway, DNS ) ?
If so, that ok, pfSense is still alive, and you shuld be able to connect to the GUI using a browser http://192.168.1.1/
What does Status > Interfaces say to you ? Is the WAN interface up ? What is the "IPv4 Address" received for" WAN IP ?"
Do you have a 'real' - using the USB serial cable - console access ? If so, use it, and do a clean reboot command (option 5). Log all the messages, and show us any messages that are 'alarming'.
Also : what about feeding your modem and pfSense with an UPS ? Just to exclude any power issues.
edit : very known issue with modems : when the modem WAN side connection fails, pfSense will notice this, as gateway monitoring is doing it's job.
When the gateway stays down to long, the interface (WAN) is restarted so the DHCP client on that interface starts asking for a new WAN IP.
Because modems are often slow to build a new "bridged connection" they have the habit of handing over an RFC 1918 IP to pfSense, which doesn't make your internet connection work. This RFC 1918 IP is ok so you can connect to the GUI of the modem, if it has one.
It should be the DHCP server of your ISP that should reply with a valid WAN IP. Which can only happens when the modem build the bridged connection.
So, these options are for you (WAN Interface) :
where you can instruct the DHCP client running on the WAN interface to
- hold of some time after the interface comes up
- or exclude RFC 1918 IP's or an IP network of your choice, so it will only capture a usable WAN IP.
Yes, am considering a UPS, awaiting spare funds for such, but no, it wasn't a power outage, when this happened on Sunday, we were watching a film via Plex, so the film stopped streaming on the raspberry pi.
My pfsense is 172.16.0.1, but couldn't get into it via a browser, when devices were on DHCP, I tried a manual IP address, subnet mask and gateway (didnt put in DNS), and still couldn't get into the GUI.
Now the Status for the WAN is UP 1000baseT <full-duplex> and an external IP address of what I would be expecting. And everything is good.
When I have come down to resolve this issue, the VM Router light is purple which is the status light for it running ok. So could if have been a power surge that upset the SG-3100, are they susceptible to such? If so then a UPS that runs via DC power (converted) would be better?
Havent the time to run console today, maybe later in the week?
Hello, so again the internet hung, not exactly sure when, it was working flawlessly all day, just returned from a shopping trip and there wasn't a connection. Interestingly, the wired ethernet connection of my Mac desktop wasn't getting an IP address (self), whereas the wifi connection was getting IP addresses, but no connection to the outside world.
I've had now a CyberPower UPS that provides a constant voltage for a couple months now, so hopefully that variable can be ironed out. And I had configured the DHCP configuration as you described for the WAN.
But even with the wired or wireless, whilst the internet wasn't working, I couldn't even connect via browser to the pfSense?!
I've looked at the System Logs/System/Gateways and unfortunately it only goes back 50 entries
But the DNS Resolver shows maybe the time of the issue?
Any clues? Thanks.
Gertjan last edited by
I couldn't even connect via browser to the pfSense?!
When you visit the GUI dashboard, the information isn't all static. Most of it is collected "at the source' and some of that isn't available "on site".
Example, package version info is compared with available versions on the 'Netgate' package server. A working connection is needed (read = DNS, amongst other, should work). If the connection is lost, the GUI behaves somewhat like any other web site that is off line. The GUI dashboard will show up, after some (DNS) time outs.
Start finding the answer to this question :
Why is the Resolver restarting so often ?
When it restarts, DNS will be off line for several moments.
A reason might be, as you showed : if dpinger 'thinks' restarts the Internet connection is bad (very high latency, or even pings lost) then it restarts the WAN interface - and packages / processes like unbound.
Discover why your uplink (ISP) is bad, and you should be close to a solution.