PfSense 2.1 amd64 UNABLE TO CHECK FOR UPDATES



  • Hi Everyone,

    I searched for awhile and couldn't really find any useful information so I decided to make a new post.

    The issue I'm having is with a pfSense box we're working on implementing at a Library. We have VLANs set up in an Active Directory environment.

    I just wanted to get internet access to it so I could install packages and halfway configure it, so I gave the WAN interface a 192.168.x.x/24 IP and UNblocked "private addresses"….I am able to ping the Gateway...ping Google DNS...NSLookup several sites (yahoo.com, google.com, etc).

    BUT it is unable to check for updates?...

    Any Ideas on this, I've seen some other posts with update issues but none seem to have answers...

    Thanks


  • Netgate Administrator

    Can you fetch the versions file from the command line?

    [2.1-RELEASE][root@pfsense.localdomain]/root(2): fetch -o /dev/null http://updates.pfsense.org/_updaters/version
    version                                       100% of   12  B   71 kBps
    
    

    Do you have the update URL set correctly? Go to System: Firmware: Updater Settings: and select the appropriate url from the drop down.

    You might also try this:
    https://doc.pfsense.org/index.php/Controlling_IPv6_or_IPv4_Preference

    Steve



  • Hi Stephenw10,

    Thank you for the reply.

    Well…I shutdown the pfSense box yesterday afternoon, without making any further changes. I just turned it back on and it booted up and WAN interface is working properly now.

    Sorry for the troubles, I have just never had any problems before with interfaces not refreshing properly while turned on, so I didn't even think to reboot...

    However, I did go ahead check the version file anyway...

    $ fetch -o /dev/null http://updates.pfsense.org/_updaters/version
    /dev/null                                               12  B  146 kBps
    

    Thanks again for the reply and information



  • If others get this, check your default gateway.  I have all my LAN traffic going out through a gateway group, and the default gateway has been offline for six months but the other one is up, so everything has been working, but update checks were failing.

    Thanks to stephenw10's test, a "no route to host" got me clued in on what to check.



  • My particular problem was I had set the DNS forwarder service to bind only to the LAN IP's, and it turns out Localhost needs to be added to the list to bind to as well - otherwise the firewall itself cannot resolve the dns name for the update server.

    This post had the info that clued me in -
    https://forum.pfsense.org/index.php?topic=68164.15



  • YES!!

    This has been bothering me for months! This fixes it.

    Thank you.

    @eduardr:

    My particular problem was I had set the DNS forwarder service to bind only to the LAN IP's, and it turns out Localhost needs to be added to the list to bind to as well - otherwise the firewall itself cannot resolve the dns name for the update server.

    This post had the info that clued me in -
    https://forum.pfsense.org/index.php?topic=68164.15