2.7.0 Issues
-
@TAC57 said in 2.7.0 Issues:
I was hoping this would have been fixed in 2.7 CE.
https://docs.netgate.com/pfsense/en/latest/releases/2-7-0.html#dns-resolver
"Fixed: DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR #14056" -
Any fix for this?
-
Hmmm... I'm not using forwarding with DOT or DOH, just straight resolving, but had issues where packages would not download and install after I imported my 2.6 backup. I hadn't upgraded (put the MSATA with 2.6 aside as an emergency 'roll back'), instead did a fresh install of 2.7. Then fixed up what was WAN and what was LAN, thinking that with at least those corrected, I could login and do the setup wizard, then restore my backup and that would handle the other interfaces/vlans and the packages. Well, nope. No packages attempted to install, no banner about packages installing please wait a few hours... nothing. I rebooted. Nothing. I should have taken a peek to see what branch it thought it was in, but instead I just imported my backup again... Finally got the dang banner and I waited maybe 8 minutes for the packages to install. So while not a perfect install execution, it did finally setup properly. If the issues here with you guys can be traced to that DOT issue not really being fixed, the issue would hopefully resolve if you sent it to resolve instead? Or maybe a host override (would that work for the firewall itself trying to resolve something?). Just thinking out loud here...
-
@Tzvia Usually if packages fail to restore it’s because pfSense can’t connect out (yet) so the attempt fails. One can reinstall packages from the GUI as well.
https://docs.netgate.com/pfsense/en/latest/packages/manager.html#reinstalling-and-updating-packages -
@Tzvia said in 2.7.0 Issues:
instead did a fresh install of 2.7
I have been considering that and then reinstalling the packages. However, why is this problem even happening? Is the problem in 2.6 or the server?
-
@SteveITS Yes I know- that is why before I do anything on a fresh install- at the console, I set the WAN and LAN - as my LAN is IGB0 and my WAN is IGB1 (don't ask). I set those manually, then run the wizard and afterwards, verify I have working internet. THEN I import the settings, thinking that it should be able to DL the packages... This has worked for me in the past but not this time. And as I had mentioned, no DOT/DOH or any DNS forwarding, just resolving to roots. PFSense just plain didn't attempt to download packages but it did pick up all the rest of my settings; VLANS and what packages I SHOULD have. But they were 'not installed' and no indication that they were installing either, no banner, nothing. But I had internet...
I don't know if anyone here had tried to import their settings again.. or tried setting DNS back to straight resolving and then attempting to re-import... If it works, curious if it would continue to if you then manually set it back to forwarding with DOT.
-
@Jknott I've been using pfsense forever! Not a single problem with 2.6.0. I jumped to pfsense+ and started getting issues with unable to check for updates, unable to backup my config files, problems with app updates, etc. I was told it was a DNS problem and I must a bad configuration issue somewhere. I finally went back to 2.6.0 and everything was cool. I figured when v2.7 was released the DNS issues wouldn't be there but that doesn't appear to be the case.
Now I reload pfsense 2.6 iso, try to load my config file and get told it won't load any packages because I need to upgrade to 2.7. When I up grade to 2.7 I get 'No packages installed.' When I got to the package manager I'm told:
How do I deal with this? -
@SteveITS See my additional reply below.
Kind of hard to reinstall anything. -
@TAC57 if using 2.6 you’ll need to change the update branch to Previous Stable so it downloads packages for 2.6. Note that will work until 2.8 is released, and Previous=2.7.
I’ve seen your other threads and don’t really have an answer. DNS should work out of the box. Does everything work if you reset the config to factory defaults? You can restore your config afterwards.
-
@TAC57 said in 2.7.0 Issues:
I've been using pfsense forever! Not a single problem with 2.6.0. I jumped to pfsense+ and started getting issues with unable to check for updates, unable to backup my config files, problems with app updates, etc. I was told it was a DNS problem and I must a bad configuration issue somewhere.
I have been running pfSense for about 6.5 years and it's always been fine. When I go to the command line, in pfSense, I can successfully ping acb.netgate.com and ews.netgate.com, so that rules out any DNS problem.
-
I did fresh install of 2.7 and restored my old 2.6 config. No issues whatsoever.
-
I guess I'll have to do the same, if a better solution doesn't turn up.
-
I just noticed my system is set to update from 2.7.0, even though it's currently 2.6.0. Might this cause the problem? Also, I can't set the branch to 2.6.0. The choices are 2.7.0, DEVEL or 2.5.2.
-
@JKnott It shouldn't be showing 2.5 so something's wrong.
Try going to system/update/settings, ensure the Current Stable branch is selected, and click Save without changing anything.
And yes if Current/2.7 is selected and you're trying to install packages on 2.6 it can cause problems: https://forum.netgate.com/topic/181159/2-7-0-issues/19
-
-
@JKnott Yea I had that issue before I decided to. update to 2.7… found my answer to that issue here: https://forum.netgate.com/topic/181144/after-2-7-0-is-released-why-do-i-see-different-update-branch-selections
-
@SteveITS said in 2.7.0 Issues:
It shouldn't be showing 2.5 so something's wrong.
The only choices are what I mentioned above. There is no 2.6.0 available. I've been running pfSense for over 7 years and this is the first time an update failed.
Any idea how I can select 2.6.0?
-
@JKnott Did you try the info in the link I provided above? Worked for me.
From Bingo600:
"I had to switch to the "Devel" branch , then go to the pfSense main screen , it will now show 2.8.xxxx as the branch (devel)
Then back to updates and system updates , there i selected 2.6.0
Then i switched to update settings…” and sees the 2.6 choice again.This worked for me on Friday night after I rebooted PFSense as part of the prep before upgrading it Saturday Morning.
-
@Tzvia said in 2.7.0 Issues:
This worked for me on Friday night after I rebooted PFSense as part of the prep before upgrading it Saturday Morning.
I tried again, as described. No difference.
-
I've downloaded the 2.7.0 installer. I noticed the first version I downloaded was 2.4.4.
-
@JKnott DANG. I remember... setting 2.8 DEVEL in SYSTEM UPDATE, going to DASHBOARD, waiting for it to complete loading, then back to SYSTEM UPDATE/UPDATE SETTINGS and seeing it there and saving it.....
But frankly, other than 2.7 not attempting to install packages till I loaded my config a second time, it's been OK. I looked all over, everything from clients getting IPV6 correctly (including their ULAs and DNS server settings by their ULAs), limiters tested and working, all the firewall rules in order and VLANS are UP, PFBlocker looks ok, all the other 'gotchas' I could remember over the years checked... I don't yet see any serious issue that needs an asap patch... cross fingers. Even though I have my msata with 2.6 configured standing by I don't think I will need it... I even checked OpenVPN on my MAC and Windows laptop and they work...
I don't think I am going back unless there is a time-bomb in there I haven't hit yet. And yea I remembered to DL another copy of 2.6 weeks ago just in case... Found my 2.26 installer in my NAS... couldn't find the older ones though LOL.