SG-1100 current firmware version? And DHCP troubles?
-
I have a SG-1100 I finally got around to dusting back off and seeing where I left off with configurations. Planning to make it into a travel router but alas 2020 and life.... I plugged it in turned it on and found out I pretty much got it mostly configured after of my last bout of messing with it. This involved having to do a system reset and it didn't reset everything so I had to ask for the firmware because we can't post it publicly. But I digress now I am still on
2.4.5-RELEASE-p1 (arm64)
built on Tue Jun 02 17:44:41 EDT 2020
FreeBSD 11.3-STABLE
And all I get is a spinning checkmark that never finishes and almost feels like it's crashing the dashboard/version check menu option. And I'm getting nowhere, I need to know if I am on the latest firmware.My main router which I finally got back online as well. yay I now have over 100mb (300mb) Internet that I've been paying for for the past 4 years. But spontaneously some of my systems don't get the DHCP all of a sudden and it's not because of an update.
Netgate 3100
23.09.1-RELEASE (arm)
built on Fri Dec 8 15:55:00 EST 2023
FreeBSD 14.0-CURRENT
Which makes me think I'm a few versions behind, right?What's making this even more complicated after i got the 3100 back online and working every other system I have will not get an IP address over DHCP. the MAC generally get it, Windows 10 gets it, Windows 11 no, and as I found out today my mom's new Mac doesn't (no IP address assigned but manual works) but the old one does don't know why. It's almost like I'm plugging in an ethernet cable to a switch with no router on the other side but if I set a manual IP address it works but what is really confusing me is I have other devices on the same wired and wireless network which are getting DHCP just fine. I have been in network hell. I just rolled back the Kea DHCP Setting we'll see if that works? Meanwhile the old dell 3000 other than the bad fan bearing ( of course the power supply fan ) otherwise keep on chugging and was working great with the last version before the UI redesign until what I thought was its Final retirement a few months ago and was unfortunately a bit buried to the point where I can't change that easily or switch out with gigabit PCI NICs. Three years now I've been trying for both noise and power requirements to switch to the hardware that I bought what feels like ages ago And I've been practically pulling my hair out with the new version!!!!!! when did networking get so complicated.
-
An SG 1100 running 2.4.5 .... wow. Put it back where you found it. In a nearby future, you'll be getting a Retro-price for that one. KIM-1 and original Apple-1 are already way over $1000 these days.
More serious : get in contact with TAC, get a more recent firmware by mail, and upgrade by re installing. You'll be up an running within minutes.Your 3100 : your 23.09.1 isn't old at all. As a matter of fact, the successor just came out yesterday, and is called 24.03.
About DHCP : Visit System > Advanced > Networking and switch "ISC DHCP". You'll be suing the DHCP server that is compatible with the entire planet again.
@imark77 said in SG-1100 current firmware version? And DHCP troubles?:
when did networking get so complicated
Wait ... Why ? Ah, I get it. You have IPv6 questions ?
I'll be serious again : nothing really changed. Admining a router firewall still needs some continuous training, a bit like planes, pilots, MAX versions, etc, you know what I mean.
pfSense is like a Swiss Army firewall router device. 50 ways to do nifty things. 500 to hurt yourself.@imark77 said in SG-1100 current firmware version? And DHCP troubles?:
today my mom's new Mac doesn't (no IP address assigned but manual works)
Neither cable or Wifi didn't work ?
Did you saw the DHCP requests from the MAC reaching pfSense (see the pfSense DHCP server logs) ?
My opinion : stay away from "static IP assignments", as this needs manually handling and people tend to 'forget' things (I do). -
I would just flash the 1100 to 24.03 directly with a recovery image. Open a ticket to get one:
https://www.netgate.com/tac-support-requestSteve
-
Keep it? Is it that old already I just got it three years ago. or is it that it's running a version of firmware pre-dating using a "plus". Yeah… Just started a project ( a somewhat big project for me, Mobile event temporary, backup Internet ) and went to download the ISO, apparently there was a Community version! apparently there's also not a Community version now! looks like I'm moving to opesense for all my future needs ( I hope they do something with that horrible UI ), Netgate hardware for sale! Discussed. It was a project you could start off with get familiar with in a home lab / home setup and then grow into deploying in the real world I was a user since m0n0wall and had plans of using netgate stuff wherever possible and really liked the hardware/support offerings.
Yeah I was a bit confused why I was on different versions as I bought them both at the same time in 2020. I think for some reason I think it was last year I was having trouble with my settings and did a factory reset which didn't actually reset things and sort of bricked then had to contact for a recovery image. after that I don't think it updated. So I'm sitting here with two devices thinking ones getting updates did they discontinue the other one that's like brand new? I couldn't track down any information of what the current version supported was.
Yeah ISC DHCP I got the crazy message and enabled it kind of nuclear bomb scare kind of messaging. Then a month later I started noticing that some systems weren't getting IPV4 DHCP but putting in a manual address worked. I turned that off and now I have devices that are getting DHCP now. So weird some devices would and others weren't I thought it was windows 11 for a while and then I noticed it on another Mac but meanwhile my Mac is getting them fine so confusing. Yeah I'm one for compatibility but I'll take functionality over that.
I much prefer the DHCP reservations but yeah literally half my computers would get on no problem. then my mom got a brand new MacBook Pro it would connect to the Wi-Fi and get no DHCPv4 only DHCPv6. Same with windows 11 which is why I thought maybe it was part of the stupid windows updates. I thought it was just Wi-Fi then I started noticing it didn't matter whether it was Wi-Fi or Internet it just seems like it was individual systems and then the pattern started to emerge across multiple systems.
I attempted to poke around in the logs and never really found anything. I think I tried to packet capture at one point and I believe I was seeing the request."500 to hurt yourself." HAHAHA yeah did that with an older version. had a Dell opdPlex running the pre-net netgate version. One day I found out I was publicly exposing SSH due to a weird bridge configuration that was sort of working. Yeah I'm going education I understand but it seems like nothing has been working for me and I'm in this Bermuda triangle.
"Wait ... Why ? Ah, I get it. You have IPv6 questions ?"
IPv6... no yes no confused not a question I think maybe I need to reread it… Oh I get it haha. I am semi-familiar with it but it was annoying to have reasonable knowledge and yet not have service for the longest time that supported it, I can only go so far with theoretical and need to tinker.Thanks. yeah wasn't sure what the current version was supported wondered if anybody else might be having the same problem, before opening a ticket.
-
You can install CE using the new Net Installer. It even gives you options of which version you want to install.
-
@imark77 said in SG-1100 current firmware version? And DHCP troubles?:
is it that it's running a version of firmware pre-dating using a "plus".
There was always a Factory Edition of pfSense but they changed to the Plus naming a few years ago when it really started adding features.
Just to be clear the 1100 needs Plus because it's an ARM CPU and there isn't a CE version for ARM.
-
@SteveITS
Factory edition, now? Then there's CE which I assume is consumer edition. Sure add a plus but everything is getting confusing. After a long time of running an dell Omniplex with the downloaded ISO ( so simple only one option unless you want an older version or needed the arm variant ). I wanted some more powerful "quiet" less power-hungry hardware and I ordered 2 units 3 years ago that kept going on the shelf due to not being able to focus on configuring things. One of them updated fine when I pulled it back out and got started again and the other one decided it couldn't see anything to Update to. Just seems like a corporate policy is to push everything to the cloud subscription model and not care about the users that made the platform good successful and implemented it everywhere. Not necessarily arm related.@stephenw10
Net install interesting not sure if that's good or bad. I hate getting these download stubs that doesn't actually let you get a hold of the download file for an archive, sometimes you just need to reinstall something and you don't have Internet.I can't remember if I've mentioned but I am attempting to set up a mobile event Wi-Fi hotspot system due to the poor Internet coverage at our state park. They have events where a lot of vendors come in and they can barely get connections between phones with the user density and the park Wi-Fi is fed by consumer frontier DSL I believe. Came up with the idea last year thinking it wouldn't be that hard to get a few more pieces and put everything together. i was originally planning to use PFSense + Omada controller virtualized on a semi low power industrial system, ended up using Proxmox and that requires an ISO to upload.
I Planned to have a whole year to put it together ended up doing it Thursday before the weekend. Ended up going with plans c. Grabbing an AP, travel router and a hotspot. apparently it worked out well and umm I might've accidentally? ordered some overkill Wi-Fi equipment. Got the outdoor TP-Link stuff. I used the smallest outdoor AP and managed to cover the whole front of the park it's a semi small-medium in Town Park and that wasn't the really big crazy outdoor AP which I just found the other day that the box slipped down and got buried I thought I had another one.
Nearly having nightmares about VLANs. follow instructions, read things, watch videos, I think I have an understanding implement exactly as described and then have nothing work second-guess everything and go back to the beginning and repeat. Just finally got things figured out last night I think. I was trying to Bridge Main LAN control network to a VLAN control network and somehow that was causing a loop configuration on the trunk port of the switch. Assigning it as a separate interface and IP works but I really want the two segments to essentially be identical at least I'm finally feeling like I made progress.
That's on the 3100 and then most of this gets duplicated to the 1100 which my plan has been to make as a fully featured travel router that can do anything when I need more power than the small travel router I have that also doubles as a access point with a click of a switch. And now I'm gonna have a third network so I am hoping to keep it 90% similar so that the underlying structure is very similar. like using all the same the VLANs with similar names. Public equals guest IOT (yeah I don't trust them) otherwise naming is consistent.
-
@imark77 said in SG-1100 current firmware version? And DHCP troubles?:
CE which I assume is consumer edition
"community edition"... From the link I posted:
"Netgate announced the creation of pfSense Plus software, and the renaming of the open-source project to pfSense Community Edition (CE), in January 2021."Netgate never really labeled the Factory Edition anywhere in the software IIRC, it was just "pfSense" and was considered FE on Netgate hardware.
https://docs.netgate.com/pfsense/en/latest/releases/versions.html?highlight=factory%20edition#understanding-pfsense-plus-and-ce-software-version-numbers
-
@SteveITS interesting so behind on things.
I've ran into a few things so far but not that announcement. There's at least two Reddit posts that have a few hundred comments with interesting opinions and a note on Wikipedia.
Looks like I'm running into a "Invalid DOS Signature" problem flashing the image. Back-and-forth with Support starting to get annoying. I flashed it three different times 2 different ways and about the try a 3rd. And no windows doesn't help next I need to dig out another thumb drive.
-
What exact image? How are you flashing it? Where do you see the error?
-
On an 1100 that has not been updated like that it may still have an old uboot version on it that requires a compatibility recovery image.
It may also show that error if you try to boot an amd64 image instead of aarch64.
-
@stephenw10 thanks, that information seems legit and makes sense. Finally got in contact with Support spelled everything out they sent me the image sort of, two separate emails one with a link & instructions.
pfSense-plus-Netgate-3100-recovery-24.03-RELEASE-armv7
Tried two different USB sticks and three different programs including DD.
Forgot that they no longer have a file upload within the GUI so had to follow the instructions with the serial terminal. Mentioned I was having an issue to Support haven't heard back from them.## Starting EFI application at 05000000 ... WARNING: Invalid device tree, expect boot to fail efi_load_pe: Invalid DOS Signature ## Application terminated, r = -2
and
Marvell>> usb reset resetting USB... USB0: Register 2000104 NbrPorts 2 Starting the controller USB XHCI 1.00 USB1: USB EHCI 1.00 scanning bus 0 for devices... 1 USB Device(s) found scanning bus 1 for devices... 2 USB Device(s) found scanning usb for storage devices... 1 Storage Device(s) found
Marvell>> run recovery reading efi/boot/bootaa64.efi ** Unable to read file efi/boot/bootaa64.efi ** ** Unrecognized filesystem type ** libfdt fdt_check_header(): FDT_ERR_BADMAGIC No FDT memory address configured. Please configure the FDT address via "fdt addr <address>" command. Aborting! No FDT memory address configured. Please configure the FDT address via "fdt addr <address>" command. Aborting! ## Starting EFI application at 05000000 ... WARNING: Invalid device tree, expect boot to fail efi_load_pe: Invalid DOS Signature ## Application terminated, r = -2
-
@imark77 never mind just found the email from yesterday. They want me to run a command and send the result.
"run this command:"printenv
-
You have a 3100? I thought you had an 1100?
pfSense-plus-Netgate-3100-recovery-24.03-RELEASE-armv7
will only boot on an 3100.Marvell>> run recovery reading efi/boot/bootaa64.efi ** Unable to read file efi/boot/bootaa64.efi **
That tells me this is an 1100 or a 2100 and not a 3100.
So it looks like there has been some confusion here in the image request.
You need the 1100 compat recovery image. If you have your support ticket number I can get that sorted.
-
@stephenw10 yes/no. sorry about that I tried to be as clear about it as I could.
I have both, full stop.
They were both sitting on different versions. I bought them at the same time, so it was confusing as why one was wasn't updating the 1100 when the other one 3100 was on a newer Version.
I got sidetracked and I need to check if Support replyed yet but most of the comments were about the 1100. The 3100 was working part from DHCP which was related to Kea DHCP failing to hand out IP addresses to some of my devices, disabling Kea and returning the "end of the world ISC banner" mentioned in another thread elsewhere. solved that issue which came up in some of the conversations.
So far I am stuck waiting for Support for the 1100 as I am not sure the firmware that they gave is the correct one.
well guess what they gave me the wrong firmware!
That explains so much! grrrrrrr. I didn't catch that when I copied the file name. Now I don't feel like as much of an idiot.I reread my previous posts And Spotted some typos grrrrrr.
And lots of frustration, and rambling thoughts.
I solved my 3100 VLAN issues apparently port 5 of the integrated switch needs to be tagged as well. I think when I originally did this 2? years ago the documentation did not say that, it does now hmmm.@imark77 said in SG-1100 current firmware version? And DHCP troubles?:
"it was Wi-Fi or Internet"
Internet should be ethernet.
@imark77 said in SG-1100 current firmware version? And DHCP troubles?:
"Yeah I'm going education"
should be
Yeah on going education -
So you got the correct image and recovered it OK?
The 3100 internal switch port would always have required tagging there to pass tagged traffic to the internal NIC. It's possible the docs were updated but it wouldn't have worked without it.