PfSense stops processing traffic
I've been testing moving our current firewall/gateway from ipfw to pfsense, in a recent emergency situation with our main firewall, I replaced our ipfw firewall/gateway with two pfsense firewall/gateways. However I'm having two major issues:
First, every 48-72+ hours our primary pfsense box stopps passing traffic, everything else is accesible (i.e. I can login to the webgui, cpu usage is low, webgui is responsive). I then issue a reboot and within a few seconds traffic starts flowing again.
Second, I'm using carp…when testing, fail over works good (I pull the WAN cable from the box and it fails over to my second box). However during this outage where no data is being routed, fail over does not happen. When I reboot the first box to fix the above scenario, fail over then occurs and data starts flowing within seconds of the reboot listed above. Then within a minute or two, our first box because primary again. Data flows through fine for a period of time until it happens again.
Since sunday (12/22/13, which is when I installed and moved to pfsense), we've had three outages, the first occurred 24 hours later, the second occurred 72 hours after the previous one, and then then third occurred 3 hours after the previous one.
It's been suggested that the issue may be states, however I'm only usually pfsense as a router at this time (firewall is disabled in advanced settings), and NAT is disabled as well. States table size has always show 0. Also, after the first outage I reset the configs on both gateways and re-configured everything in case I had messed up something the first time.
My issue is, is this product just not suitable for our installation or is it broke from the beginning. I don't mind paying for support, however do I pay for support from the developer if it's broken from the beginning (is this a way for them to get support contracts)? Or should I just look for a different/commercial vendor?
Please help if you can or suggest alternatives...I'm not sure what to do and I suspect I'll have another outage soon.
for help, you probably have to give us more details/logs/system specs/diagram of network | whatever you have available that could help diagnose the issue.
what do you mean broken from the beginning? did the initial install have issue's ?
without further intel, theres not much we can do i'm affraid.
Moderator…please delete this post....I've just paid for premium support to solve this issue.
Or better yet, once it's solved post a summary of what the problem was and how it was fixed, for future reference.