pfSense Plus and SG-3100
-
The update "bricked" (strong word - trying to get in via serial console right now - all three lights flashing ominously on the front), so please be careful installing this update unless you have your serial console cable ready and a few hours to troubleshoot.
My update started an hour ago, and I'm just now getting things set-up to see what's wrong.
Buyer beware. Caveat emptor. YMMV. I'm connected directly to my cable modem and hopefully that won't be the case for much longer.
Monitoring this thread to see if anyone else has the issue with the hotfix.
-
@nokkief I'm a glutton for punishment I suppose. I installed the new version 2 hrs ago. No issues yet.
-
@nokkief yes, and the system was unresponsive with blue lights pulsing on front until I power cycled after about an hour.
Logs indicate it processed the patch and initiated a reboot but seems to never actually rebooted.Seems ok after the power cycle
-
I didn't try yet, opened a ticket at go.netgate.com to request the firmware, but it's not available yet.
The only available path to p1 is through the upgrade mechanism on your firewall at this time..I want to perform a clean install.
After installing, and setting up interfaces and switch confiig, I'll restore aliases, firewall rules, dhcp mappings, all from my previous xml saved config.
After that, manually set up the certs and configure acme, pfblocker and etc.. -
The 40+ year Unix administrator in me decided to get the serial console hooked up before doing anything else. It was responding/repeating characters, but that's it. Figured after an hour of blinky-flashing lights, it was probably safe to power cycle. I worry a lot about power cycling in the middle of an update...can actually ruin/brick things, especially if an EEPROM is being written to, or whatever.
But yes, power cycled with the console connected, watched it boot, came up fine.
I need to remind myself NOT to do this upgrades during the middle of the work day.
Netgear support: I created a ticket via email. If you'd like to check my router's logs to find out what happened, I'd be more than happy to open things up for you to investigate. Sounds like I wasn't the only person with a "blinking light" issue post-install.
-
Also, I just want to say "thank you Netgate!" for including a working/tested serial console cable inside the SG-3100 box.
I had given away ALL of my Mini-USB cables and was frantically searching for one (out of hundreds of cables), and then I thought to check the box. Whew!
-
Also, for folks who used this workaround, don't forget to remove the "hw.ncpu=1" entry in your /boot/loader.conf.local file after successfully upgrading to the hotfix version.
-
Hey @stephenw10, are you able to confirm that NEW SG-3100's are now being shipped with the updated image? I just ordered one last week that shipped yesterday afternoon, so I'm hoping it will have the fix already applied.
-
requested the latest image file, restored that, restored my backup. everything works great
-
@nokkief I updated as soon as it became available. Updated through the UI and have had no issues since. Im just one data point for you.
-
@wblanton If it shipped yesterday it will not have the update so the firsts thing you do when you get it is run the upgrade.
Steve
-
Good evening all,
I just finished upgrading my SG-3100 to the 21.02-RELEASE-p1 (arm). I had no problems with it.
Thanks for the quick fix and support in getting us through this issue.Keep up the excellent work!
Thanks again and have a good day.
Sincerely,
William
Songtan, ROK -
thanks for the feedback and good to hear that everybody got it to work (even if it took a hard reboot). I will attempt my update later today.
-
I have a SG-3100 in version 2.4.5-RELEASE-p1, I saw that the update came out but I decided to wait, after a few days I researched and found that the version had some errors.
version 21.02_1 is already available but I'm still afraid to update, this client runs 24 hours service, as they update, they pass on feedback.
thank you. -
My SG-3100 is also stuck with 3 lights flashing after upgrading to 21.02_1 and I'm remote. Guess I shouldn't try these updates remotely since they are hit or miss. Now family has to wait 3 hours till I get home :(
-
@flsnowbird Or tell them to unplug it then plug it back in. If it's frozen it shouldn't matter.
-
Agree. After letting it sit for an hour, and connecting a console (no output), I realized it was safe to pull the plug. It ended up resolving the issue.
I also submitted my logs to Netgate support so they could maybe try to figure out why some devices were locking up. Maybe you could open a support ticket and submit your logs to them?
-
@flsnowbird
jesus christ, i can't even think of staying more than 10 minutes without a firewall, there are several clinics around the clock, let me know if after hanging up and calling you decided.
I'm afraid of this update -
@luketa I can't ask them to unplug it because the cables are not labeled and there's a lot more critical equipment plugged in that I don't want them to unplug by mistake. They'll just have to wait.
@Amarand I did open a ticket and they asked me to hook up a USB console cable to see what's going on. Can't really do that until I get home. -
No one here in the thread has had a failure during the installation other than the flashing-lights lock-up. Probably shouldn't upgrade a firewall remotely without smart-hands in place. And you probably shouldn't upgrade a firewall during core business hours - that's just common sense.
Myself, I did it during the day because sometimes you just forget the rules above, and you cowboy a fix.
But if it gets to that point where all three lights are flashing, you're probably just a power cycle away from being up, which is only a minute or two. I waited an hour to see if it was in some sort of upgrade state, like "do not interrupt" or something.
I only power cycled after verifying no output on the console.
