Upgrade to pfSense Plus – Post Upgrade - Update Status Slow / System Update Menu Unresponsive
-
I recently upgraded pfSense from the CE edition to Plus. The upgrade itself completed without any major issues. However, post-upgrade I'm seeing a couple of annoying problems:
The dashboard's "Obtaining update status" takes around 30 seconds before it shows "The system is on the latest version", which is incorrect — it's still on version 23.09.1.
The System > Update menu is completely unusable. It just loads indefinitely until it eventually times out.
Everything else in the UI and system seems to be working fine — firewall rules, DHCP, VPNs, etc.
Has anyone run into this after moving to pfSense Plus? Any idea how to fix this update check / menu issue?
Thanks in advance.
-
Try runnning at the command line:
pkg -d updateand
pfSense-repocSee if either show any helpful errors.
-
pkg -d update - It failed all connection attempts. Here are the last ones:
Couldn't find host pfsense-plus-pkg-devel00.atx.netgate.com in the .netrc file; using defaults Trying 208.123.73.207:443... Trying [2610:160:11:18::207]:443... Immediate connect fail for [2610:160:11:18::207]: No route to host ipv4 connect timeout after 29905ms, move on! Failed to connect to pfsense-plus-pkg-devel00.atx.netgate.com port 443 after 30034 ms: Timeout was reached Closing connection DBG(1)[45028] CURL> attempting to fetch from , left retry 1 Couldn't find host pfsense-plus-pkg-devel01.atx.netgate.com in the .netrc file; using defaults Trying 208.123.73.209:443... Trying [2610:160:11:18::209]:443... Immediate connect fail for [2610:160:11:18::209]: No route to host ipv4 connect timeout after 29845ms, move on! Failed to connect to pfsense-plus-pkg-devel01.atx.netgate.com port 443 after 30038 ms: Timeout was reached Closing connection pkg: An error occured while fetching package Unable to update repository pfSense Error updating repositories!and
pfSense-repoc
pfSense-repoc: failed to fetch the repo data failed to read the repo data -
Ok that's showing no connectivity in general.
Check Diag > Routes. Make sure there is a default route and it's correct.
If there isn't make sure the WAN gateway is set as default in System > Routing > Gateways.
-
I will check.
Interesting though, because pre-upgrade to Pro, the CE edition updated just fine.
-
I have upgraded pfsense yesterday Apr-02-2025 to latest version. Upgrade failed multiple times. Also when I connect my wifi router to pfsense, I see no network and cannot access management console
Setup is pfsense is connected to Internet modem on wan port. A wifi router is connected to pfsense on Port1LAN
Pfsense IP address is 192.168.1.1, when I connect to wifi router which is configured as Access Point, cannot access pfsense management console, if I connect the ethernet, I do not see LAN icon. However I can access the management console when connecting laptop to Pfsense on LAN port.
I cannot access serial port console; earlier, it was working.
I suspect the upgrade is the reason for these issues, let me know if I can downgrade to previous version
Platform: Netgate 4200
Software Platform: pfSense
Netgate Device ID: ***************-192f
Software Version: pfSense Plus 24.11 -
@sam422 if you have a 4200 you already had Plus so seems like a different issue. You can revert using https://docs.netgate.com/pfsense/en/latest/backup/zfsbe/index.html.
-
@sam422 said in Upgrade to pfSense Plus – Post Upgrade - Update Status Slow / System Update Menu Unresponsive:
I cannot access serial port console; earlier, it was working.
Nothing in a software update would affect that. Perhaps you have some change in the terminal setup. Or some hardware issue.
-
@sam422 said in Upgrade to pfSense Plus – Post Upgrade - Update Status Slow / System Update Menu Unresponsive:
Pfsense IP address is 192.168.1.1, when I connect to wifi router which is configured as Access Point, cannot access pfsense management console, if I connect the ethernet, I do not see LAN icon. However I can access the management console when connecting laptop to Pfsense on LAN port.
That access point, what is its IP(v4) ? if it's also 192.168.1.1, then that would explain a lot.
-
@Gertjan Isn't 192.168.1.1 the management console IP?
-
pfSense uses as a default LAN the 192.168.1.1/24 network.
If your AP does the same thing (as many do) it also winds up using 192.168.1.1/24.
Then, when you hook up the AP to the pfSense LAN port, you have a fail.Solution : assign an IP like 192.168.1.2 to the AP (DNS and gateway should still be 192.168.1.1 = pfSense)
-
@stephenw10 Thanks, may be a cable issue. I'll check that
-
@sam422 been trying to solve a similar problem for about 2 weeks. finally turned off ipv6 on the WAN and was able to get pkg -d update update to work.
Was set to DHCPV6 and was working fine for ages but then everything stopped checking for update and couldnt update or remove packages.
-
@hulleyrob I'll try this, sure the upgrade screwed the router
-
@sam422 just rebooted and everything is now working normally again managed to update the system packages which being unable was how i knew there was a problem.
pkg -d update gave loads of similar warnings to this:
- Couldn't find host pfsense-plus-pkg00.atx.netgate.com in the .netrc file; using defaults
- Hostname pfsense-plus-pkg00.atx.netgate.com was found in DNS cache
- Trying 208.123.73.207:443...
- Connected to pfsense-plus-pkg00.atx.netgate.com (208.123.73.207) port 443
- ALPN: curl offers http/1.1
- CAfile: none
- CApath: /etc/ssl/certs/
- SSL certificate problem: unable to get local issuer certificate
- Closing connection
which is problem why the upgrade checker wasnt working and couldnt even remove a package.
disabling ipv6 on the wan seemed to fix it for some reason.
-
@hulleyrob said in Upgrade to pfSense Plus – Post Upgrade - Update Status Slow / System Update Menu Unresponsive:
disabling ipv6 on the wan seemed to fix it for some reason.
But IPv4 was used :
@hulleyrob said in Upgrade to pfSense Plus – Post Upgrade - Update Status Slow / System Update Menu Unresponsive:
Trying 208.123.73.207:443...
The issue is/was this : "SSL certificate problem: unable to get local issuer certificate" .....
Not sure, but it won't hurt, if this helps :
certctl rehash -
@Gertjan it didnt but I did try it earlier on.
It was weird the only thing I have changed in months was adding DHCPv6 which is why I set it back to none. I guess it could have just been unrelated and fixed when it rebooted but I thought i should mention it as thats what I did.
