Package Manager unable to communicate to

  • Hello,

    I'm running two pfsense boxes through the same ISP.

    One is at the office and the other is at the ISP's colocation facility.

    The one in the co-location facility hasn't ever been able to bring up the package manager screen while the one at the office can.

    I get a message "Unable to communicate to Please check DNS, default gateway, etc." when I go to packages.

    I've seen a couple of posts in google about this.  One mentioning allowing DNS server list to be overwritten by DHCP/PPP on WAN and the other about a problem at pfsense's ISP.

    I'm not quite sure where else to turn.

    Thanks in advance.

  • You have to make sure that your pfSense can resolve hostnames. In case you have static IP assignment at your colocation (I guess you have) make sure you have entered some valid DNS servers at system>general. When not using DHCP or PPPoE WAN untich the override box (though it should not be needed). To test if DNS is working go to diagnostics>ping and try to ping

  • On the system I can't view the packages, I get…

    Ping output:

    PING ( from 56 data bytes

    --- ping statistics ---
    3 packets transmitted, 0 packets received, 100% packet loss

    On the system that I can see the packages, I get...

    Ping output:

    PING ( from 56 data bytes

    --- ping statistics ---
    3 packets transmitted, 0 packets received, 100% packet loss

    Additionally, from the shell on both systems.

    traceroute from the unable to communicate to system

    traceroute to (, 64 hops max, 40 byte packets (  0.570 ms  0.569 ms  0.484 ms (  0.357 ms  0.339 ms  0.237 ms
    3  * * *
    4 (  0.562 ms  0.590 ms  0.480 ms (  0.608 ms  0.463 ms  0.491 ms (  11.229 ms  11.207 ms  14.480 ms (  11.352 ms  11.219 ms  11.365 ms
    8 (  20.854 ms  20.855 ms  20.879 ms (  20.774 ms  20.735 ms  20.706 ms
    10  * * *
    11  * * *

    That third hop consistently shows up as such.

    Traceroute from the one that is able to see packages.

    traceroute to (, 64 hops max, 40 byte packets (  1.085 ms  1.071 ms  0.877 ms (  0.821 ms  1.119 ms  0.855 ms (  1.485 ms  0.826 ms  0.566 ms
    4 (  1.004 ms  1.137 ms  1.146 ms (  164.659 ms  184.189 ms  1.864 ms (  17.166 ms  11.632 ms  11.683 ms (  11.603 ms  11.640 ms  11.969 ms
    8 (  21.200 ms  137.032 ms  99.030 ms (  21.176 ms  21.458 ms  21.196 ms
    10 (  36.252 ms  36.235 ms  35.968 ms
    11  * * *
    12  * * *

  • Both machines run 1.2 release? Is there the possibility that something is filtered in front of the box that is not working?

  • Yes, both running 1.2 release.

    Possible it's blocked but that makes no sense to me (bearing in mind I'm not a routing guy) considering the traceroute hops look very similar.

    Also am I supposed to be able to ping from anywhere?

    Regardless of 3 different service providers, I'm unable to ping it.


  • ping is icmp (which we actually don't allow). the packagemanager uses tcp. do both machines use the same dns servers?

  • Yes they do.

    I assume the output of the ping showing that resolving to shows that it's working.

    Oddly, from other machines behind that pfsense install, I can telnet to port 80 and traceroute without that pause at hop 3 or 4.

    I'm wondering if it's the ISP.  But they're not great at figuring out what is wrong when I mailed the results of the two traceroutes to them.  I'm thinking that consistent pause in the traceroute is somehow related…


  • Well, looks like it was something at the ISP side of things.  According to a tech rep, the IP assigned to our WAN interface was conflicting with someone else's subnet.

    They didn't elaborate.  The traceroute with the third hop stuttering isn't fixed but at least now I can get to the packages.