Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unable to access OpenVPN and NATted services after upgrade pfSense 21.05.0-RELEASE to 21.05.1-RELEASE on SG5100

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 2 Posters 705 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Michael Schrijnder
      last edited by

      After the upgrade I am not able to have my iPhone OpenVPN to connect to the Netgate SG5100 anymore.
      Furthermore NATted service ports 80 and 443 to an internal host (ie port forwarding) are not working anymore either.
      The configuration did not change, neither any services within my local network.
      Everything was working before the upgrade.

      I also did the Netgate suggested forced pkg re-install (https://docs.netgate.com/pfsense/en/latest/troubleshooting/upgrades.html) which did not solve the issue.

      I've looked on the forum, but cannot find a related posting, any suggestions to help me along/point me in the right direction would be much appreciated.

      With kind regards,
      Michael

      M 1 Reply Last reply Reply Quote 0
      • M
        Michael Schrijnder @Michael Schrijnder
        last edited by

        @michael-schrijnder
        Completely halted the system (power down) and disconnected the power for a while. This in line with some other issues logged and suggested that it might solve the problem.
        This did not solve the issue.

        J 1 Reply Last reply Reply Quote 0
        • J
          jacktaam @Michael Schrijnder
          last edited by

          @michael-schrijnder
          check your NAT policies and Firewall Rules.
          Also you must create a backup and then try to upgrade pfsense.

          1 Reply Last reply Reply Quote 0
          • M
            Michael Schrijnder
            last edited by

            I was waiting for a "fix" of the pSense software, hoping this would fix it.
            After installing the latest version of the software, which I installed on the Netgate device from scratch, I found that actually the culprit is not the Netgate/pfSense firmware, but the problem is related to pfBlockerNG.
            After the installation of the new firmware, I re-loaded my latest configuration from backup, and everything seemed to be working when I checked, impatiently, when actually the software was still installing my (to be) installed packages, like pfBlockerNG.

            All in all I found that pfBlockerNG needs to be de-activated when rebooting the device, and then activated after startup. Then everything works as it should.
            Next step is trying to find out why pfBlockerNG is giving me this problem.

            pfBlockerNG is blocking based on IP (geo-IP) and based on DNSBL (DNS black listing).
            I definitely did not block my country (NL) and I just use (a lot) of very common DNSBL lists.

            Any ideas/suggestions are welcome.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.