Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Internet Connection Required On New Installations

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    8 Posts 4 Posters 408 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dark.baritone
      last edited by

      Re: Mandatory internet connection on new pfSense installer

      @stephenw10 advantages for whom?

      It's completely nonsensical for router firmware to require an internet connection. What if I want to setup VPNs before I make any outbound network connections? What if my internet hasn't been installed yet and I want to setup my internal network while I'm waiting? What if my ISP requires some advanced configuration in order for me to connect? What if I need to assign a specific MAC address in order to connect?

      There are myriad different reasons why we wouldn't want to install with internet access.

      If you want to give someone the OPTION of checking for the latest update before installing, that's absolutely fine.

      Literally every Linux distribution works like this. There is no reason that pfSense can't do it.

      The old (correct) images are available here but the new 2.8 version is not there. When are those going to be added to the list?

      P 1 Reply Last reply Reply Quote 0
      • D dark.baritone referenced this topic
      • P
        Patch @dark.baritone
        last edited by Patch

        @dark-baritone No one is denying off line installation is not a useful software feature.
        However it makes no business sense for Netgate to create a free product with greater functionality than their paid product.

        If there is any chance of this happening in v2.8, it it must first be added to pfsense plus within their rights management structure. And as they have not built their rights management to support this, doing so may require a significant investment by Rubicon Communications.

        KOMK 1 Reply Last reply Reply Quote 0
        • S
          slu
          last edited by slu

          I would say, we saw in the last years it can go very fast that a part or systems in the are internet down. In this case you need a offline installer to bring the network up again, local for example.
          On reason why we use Ubiquiti as WiFi, its (now again) possible to setup a local WiFi without internet connection.

          On the other side I can understand Netgate and I'm very happy and thankfully I can run CE without online registration.

          Happy pfSense user since over 14 years, using CE and Netgate appliances.

          pfSense Gold subscription

          1 Reply Last reply Reply Quote 1
          • KOMK
            KOM @Patch
            last edited by

            @Patch said in Internet Connection Required On New Installations:

            However it makes no business sense for Netgate to create a free product with greater functionality than their paid product.

            Where did anyone say anything about greater functionality??? They're asking for the offline installer that has been the standard for many years.

            While I understand that Netgate is fed up with Chinese suppliers slapping pfSense on their mini-pcs, making your product worse for your users to benefit yourself is the textbook definition of enshitification.

            P 1 Reply Last reply Reply Quote 1
            • P
              Patch @KOM
              last edited by Patch

              @KOM said in Internet Connection Required On New Installations:

              greater functionality??? They're asking for the offline installer

              yep
              Plus can not do that.
              If you were a paying plus customer would you like plus to be able to do that?

              KOMK 1 Reply Last reply Reply Quote 0
              • KOMK
                KOM @Patch
                last edited by

                @Patch I'm sorry, I don't understand what you're saying.

                1 Reply Last reply Reply Quote 0
                • D
                  dark.baritone
                  last edited by

                  @Patch I am a paying Plus customer and obviously I would like it to do that.

                  P 1 Reply Last reply Reply Quote 0
                  • P
                    Patch @dark.baritone
                    last edited by

                    From my perspective the issue is the scope for a users contingency planning on pfsense router failure (initially of unknown cause). Netgate's current device locked licensing and lack of an off line installer doubles the cost of ownership and significantly reduces pfsense functionality. It is the reason I have not purchased plus licences.

                    My contingency planning is focussed on rapid restoration of service with minimum dependences, limited technical complexity, and a short time. Doing so involves the ability to swap out a failed physical system and replace it with another. First line using a box with pfsense pre-installed. Second line with my locally stored copy of pfsense installation media. The installation media has to work within my system without a functional router, for which an off line installer is most reliable. An online installer which uses that sites pfsense configuration may work but at best introduces higher risk in a contingency plan.

                    To achieve this economically I run pfsense on third party hardware which also does other roles. I have multiple physical devices performing tasks of varying importance (set top box for each TV, router a several sites). As well as each device running
                    running multiple virtual machines for other functions (PABX, Unifi controller, surveillance cameras etc). The overall effect is all hardware is utilised but relatively spare hardware can be rapidly commandeered if required.

                    For this to work with pfsense plus I need to be able to install pfsense on multiple virtual machines and transfer a licence from a failed to a replacement device if required. Ideally by entering registration details in the replacement hardware (which would warns doing so inactivates the prior registration) or doing the same via a Netgate portal. Either of which implies such a transferable pfsense plus licensed device regularly checks licence validity with a Netgate server (making a transferable licence incompatible with a pfsense installation without online access to the Netgate licence server).

                    I'm not sure how large the market is for off line Netgate routers. Such an installation would require a non trivial protocol to update pfsense software, which even on Netgate hardware would not be simple. With an off line installer including all patches was available, this could be taken into the secure environment and used to re-install / update pfsense. My understanding there has never been an off line installer with all patches (or packages) as such I suspect software update would require secure erasing the pfsense disk, physically moving the hardware out side of the secured environment, programming it with current pfsense software, returning it to the secure environment, import the sites pfsense configuration file. Not something done frequently and probably not a large market but I could be wrong.

                    Similarly my use case is probably also a small market, however I suspect the market for economic contingency planning is much broader. As such many users are likely to benefit from the licence transferability and off line installation options which maybe possible it a monitored plus licence option was offered.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.