Solved NAT Bug 2.5.1 temporarily with 2.6.0-Devel
-
Hi. Upgrade to 2.6.0-Devel.
The nat started working.
at the time of starting I had no connection with anything. But it was that the static routes did not load automatically (I assume for "devel" reasons) I had to load them manually and voila. I will be frozen in 2.6.0-Devel until it stabilizes or 2.5.2 is released
-
@j-sejo1 can we roll back to stable once 2.5.2 is released? Or do we have to do fresh installation for rolling back.
-
@j-sejo1 happy for your fix but I'm not going the DEVEL way.
I do appreciate the work of developers and the open-source nature of the project, but honestly, NAT is the bread and butter of a firewall. I can understand advanced features not working properly but this.Anyhow I have deployed an Opnsense in my LAB and I'm very happy, aside from that OPNsense doesn't have policy-based routing, like 2 different GW, I can't create a LAN rule to let certain docker host use another GW.
This means I'm back on square one with this problem and need a fix before ditch PFsense for good.
Last month PFblocker affected Unbound, so they release 4 updates to fix this issue,. PFsense is getting too much unpredictable for my taste, Need stability that I'm not getting from this distro lately.
Cheers and sorry for the rant :)
-
@antonio76 I have a 2.2.6 distro lying around...
Best ever release and it ran for 5½ yrs with zero downtime.
Only reason I upgraded was the package repo missing.
-
@enthu19 I don't know if that can be done. But when 2.5.2 comes out, my decision is to install clean 2.5.2 and run the backup.
-
@antonio76 Reality. Since I entered Pfsense Plus + now Pfsense CE is not going to have the stability of Before. It will be a "laboratory rabbit"
I don't think it is a strategy to downgrade the CE version to boost sales of the PLUS. If that is so, they will lose followers.
You're right, NAT is the essence of a Firewall. I prefer that snort, squid vpn etc fail, that can be solved in thousands of ways, But the Firewall that fails something basic, leaves many doubts.
-
@j-sejo1 If I have to pay , I'm going Untangle all in. I got also the Sophos option but is not my favorite currently.
But indeed I can't run service in a playground environment. Production or home stuff. I need less features but reliability from a firewall ,