previous thread

Unable to see the Prolific PL2303 when I connect my Win10 laptop to the SG-1100. I have tried this having removed the board from its casing as to enable my micro USB cable to be inserted fully into the port. At this stage my laptop does not respond in any way when I connect it.

What are my next troubleshooting steps...solder a new micro USB port to the board?

Set up my first 4200 today. Replaced an old 3100 (which was working fine after 6+ years btw...)

LUCKILY I was able to figure out a way to get the config upgraded and interfaces reassigned using trial and error, Wireshark, and a bit of luck. The unit is running great on 24.11 + Kea DHCP.

BUT what should have been a 30 minute task ended up being close to 2 hours because I just couldn't get the damn console port to work. It would just display a blinking cursor, no output or apparent input happening. COMx port was fully detected in Device Manager and/or macOS /dev/cu.usbserial-xxx as well.

I read https://docs.netgate.com/pfsense/en/latest/solutions/netgate-4200/connect-to-console.html and have done this many times before with similar units, never had any issue! So I don't think it was a PEBCAK or ID10T error. I (re)installed the CP2104 VCP drivers, played around with different terminals, factory reset the unit, played around with baudrates 9600-115200, even tried 2 different laptops (1 Mac and 1 Windows)...

Is there something special or different about the port on the 4200 that requires some voodoo?

Did I receive a faulty unit? A bad USB-serial cable?

This release brings several major features that our users have requested, along with over 70 other improvements and bug fixes. Major features include:

• Kea DHCP Enhancements, including support for High Availability, as well as increased integration into Unbound. Among other things, this allows for DHCP client registration in the Unbound DNS Resolver and smoother updating of Unbound.
• Multi-instance Management Early Look
• System Aliases in Custom Rules
• NTP Authentication

Blog Post: https://www.netgate.com/blog/netgate-releases-pfsense-plus-software-version-2411-0
Release Notes: https://docs.netgate.com/pfsense/en/latest/releases/24-11.html

Purchased on Facebook Marketplace 11 days ago / delivered last week. Purchased power adapter off Netgate Store last week / arrived yesterday.

On Web GUI, default credentials (admin / pfsense) do not work. Do not have existing password. Contacted FBM seller for password / has not responded.

Tried using multiple USB A-to-micro cables with / ports on my Linux laptop / unable to see /dev/ttyUSB0, even when SG-1100 is powered on.

Tried using multiple USB ports on my Win10 laptop / connecting SG-1100 w/ power on shows no change in Device Manager. Tried installing PL2303 drivers on Win10 laptop / no change.

The pursuit and stand-up of Netgate hardware has been an aggravating waste of time and money. I'm about to just give up and assemble a spare PC for pfSense instead.

Hello!

Thank you in advance for any guidance.

I have a 4100 on version 24.03 connected to a ATT router to a ADSL network. I also connect to the office VPN.

I've encountered a strange scrolling issue on my computers. I can be scrolling thru email, or a long web page and suddenly it will jump to the top of the page. It happens on a windows 10 pc, an macbook and a dell laptop on windows 11.

The ATT router is not in bridge mode so I'm double nat'ing.

Other than the weird scrolling thing, and slow provider, all else seems to work fine.

Thoughts or advice? I've done some IT work and never seen anything like this before.

thank you!

_john

Will there any Black Friday Sales for Netgate product this year? Online or Retail. Thanks!

We're growing and Netgate is looking for a few Production Support Analysts to join our team as a member of TAC (Technical Assistance Center). Join our team of customer-facing support engineers helping our fantastic customers around the world.

• Our team works 12-hour shifts (4 days one week, 3 days the next week, rotating) so you get 7 days off every two weeks.
• Constant exposure to different issues to sharpen your analytical and critical thinking skills.
• TAC can be a stepping stone to other roles in the company. This is part of the reason we're growing right now.
• This role can be performed remotely, offering flexibility in work location.
• You will be a member of a close-knit team that makes it their mission to solve problems and create happy customers.
• Most members of this team have been with Netgate for years.

If this interests you and you are a high-performing team player, drop us a line. The full job description and instructions can be found at https://www.netgate.com/jobs/production-support-analyst

Principals only.

My hardware is connected per the Netgate getting started instructions per below

Frontier ONT>Cat 6>4200 Port 1 PC>Cat 6>4200 Port 2

When I power up the 4200 with it connected per above I can’t access the web interface via 192.168.1.1.m, site not found

I disconnect the Ethernet cable from port 1, restart the 4200, and I can access the 4200 on 192.168.1.1. is this normal behavior?

If called Frontier thinking that maybe the Frontier ONT had to be placed into bridge mode but was told the ONT does not have a bridge mode. It just passes data though and does not assign IP addresses.

Do I just finish configuring the 4200 then plug the 4200 back into the ONT to be able to access the web?

Thanks for any help.

Hi,

I'm trying to install pfsense+ on a dedicated server via IPMI and I'm getting two issues.

First the boot fails with error 19 when it can't find the image on /dev/iso9660/PFSENSE

https://preview.redd.it/tuszavop0q1e1.png?width=1048&format=png&auto=webp&s=c8f55707dcd97aa35af7adee1934fd69d9e7ea7b

But if you typecd9660:/dev/cd0 it boots the installer. After loading everything, it doesn't start the installer with the error "Cannot connect to the installer daemon", as showed below. Retrying doesn't help.

https://preview.redd.it/s6lr5u6y0q1e1.png?width=658&format=png&auto=webp&s=27f5d75d26afcb28e30e79306bf6e622b7b56734

And the content of /var/log/daemon.log

system_get_rootfs_mount: invalid rootfs label: /dev/cd0

cannot get the rootfs mount info

failed to load the system settings

https://preview.redd.it/231xojdf1q1e1.png?width=654&format=png&auto=webp&s=fb9a05dfffdc3ec289af787b9b38b0cf97fccf58

And I can't get past this. Please, someone knows how to fix this and start the netgate installer?

Thanks.

Hi, i read that some netgates emmc fails due to logging over the time. I ordered a 6100 max with builtin SSD. Am i fine or will the SSD die in a short amount of time, too? I won't use external packages, Just 2 wan loadbalancing and Routing for 4 vlans with around 1k clients. Once Setup successfully i think about deactivating Firewall logging and only activate IT in Case of Problem Analysis. Any thoughts? Thanks

This release brings several major features that our users have requested, along with over 70 other improvements and bug fixes. As we prepare for the GA release, we invite you to try out the Release Candidate and share your feedback with us. 

Learn More: https://www.netgate.com/blog/netgate-releases-rc-of-pfsense-plus-software-version-2411

TNSR 24.10 is now available! New features include VPF for NAT and Filters, DHCP relay support, and core performance updates. 

Netgate TNSR is a high-speed (exceeding 100 Gbps) virtual router and VPN aggregator. TNSR is the answer for businesses, governments, and xSPs looking for scalable routing without the six-figure price tag.

Learn More: https://www.netgate.com/blog/netgate-releases-tnsr-software-version-2410

#TNSR #Netgate #router #vpn

This release brings several major features that our users have requested, along with over 70 other improvements and bug fixes. Major features include: 

• Kea DHCP Enhancements, including support for High Availability, as well as increased integration into Unbound. Among other things, this allows for DHCP client registration in the Unbound DNS Resolver and smoother updating of Unbound.  
• Multi-instance Management Early Look
• System Aliases in Custom Rules
• NTP Authentication

Learn More: https://www.netgate.com/blog/netgate-releases-beta-of-pfsense-plus-software-version-24-11 

Hi all.

Im getting alot of collisions on my LAN part of the network.

After restoring settings, i see alot of settings being messed ud.

Could one with a Netgate 4200 tell me what their default LAN settings are please?

Im looking for hardware settings in system/advanced/networking

We're honored to announce that pfSense software has received 35 awards in the G2 Fall 2024 Report, including top rankings in multiple firewall and VPN categories. Thank you to our amazing customers for the stellar reviews!

Learn More: https://www.netgate.com/blog/pfsense-g2-fall-2024

Hey guys I’m using Netgate 6100 ( running Version 24.03-RELEASE ), can someone help me figure out how to schedule a reboot every once in a while from the dashboard.

I have to upgrade from a Netgate 1100 which I cannot use the web GUI to log into. When I attempt to navigate to 10.0.0.1, which is the gateway to the router, I get no response from the Netgate (ERR_CONNECTION_TIMED_OUT). Unfortunately, the Netgate had a few configurations that created some port forwards as well as VLANs for specific IPs. I did not create this configuration and thus do not have the documentation to build a new config for the Netgate 4200 I'm installing.

Does anyone know of a way for me to access the config of the Netgate 1100 without doing a factory reset (which would erase the config I want access to)?

Check out our latest blog post! It dives into how to optimize your network security and conserve address space using TNSR software. Learn about configuring point-to-point links with /31 and /127 network masks for both IPv4 and IPv6.  

🔗 https://www.netgate.com/blog/using-tnsr-software-to-conserve-address-space-and-improve-security

The job description can be found at https://www.netgate.com/jobs/production-support-analyst

Do you want to be a member of our renowned TAC team? Does a 12-hour shift with 7 days off every 2 weeks sound appealing? Want to be a member of a fantastic customer-facing team? If your skill set fits the requirements, please send your resume and cover letter to hr@netgate.com

I'm new to home networking. I bought a Netgate 4200 thinking it could also serve as providing my wifi without additional access points since I've never needed them before.

I typically only Reddit lurk so this is a brand new account.

Trying to create a good home network piece by piece and clearly bit off more than I could chew with this one (thought buying the Netgate appliance would be EASIER). I had an OpenWRT pre-flashed device that was simple but broke after a year.

Edit: if I purchased an Access Point, would TacLite support be enough to walk me through setting it up?

with one AP I can still have multiple networks (one for each: VPN, work, iot devices)?

I am running with 23.09.1-RELEASE. But today after my ISP did an upgrade and the router/modem Sagemcom 3890 was restartet and got a new IP the wan interface doed not manage to get this IP. I have restartet both Sagemcom 3890 and the netgate 2100 multiple times. It works fine to directly connect the mac to the ISP router and I get a real IP. It also works fine to connect my Deco BE65 router directly to the Sagemcom 3890, bypassing the netgate firewall. 

How can I find out what goes wrong? I have tried changing network cable but it ends up the same.

https://preview.redd.it/0cs5hbhq56nd1.png?width=1208&format=png&auto=webp&s=9c66e52ef4d3e1dc84b9055e257a4d3769c86cc2

https://preview.redd.it/g6efy8jr56nd1.png?width=2414&format=png&auto=webp&s=a4fb16565961a43de47d37d12937f3f380a95988

I'm running Pfsense CE bare metal on a self assembled box with an

• i5 7600K
• 16 GB DDR4 RAM
• Intel I350 Quad Port

There are roughly 10 VLANs on it, a handful of firewall rules, some NAT rules, DHCP and a DNS forwarder. I'm doing no heavy packet inspection whatsoever.

I've recently swapped out my Intel X520 DA2 cards for Mellanox ConnectX-5 MCX516A as I've upgraded to a 25 GBit/s WAN connection. I was able to achieve a stable ~9.3GBit/s up/down with the Intel cards. It didn't work as smooth with Mellanox and I actually got worse speeds. After some time of tweaking I'm now at ~15 GBit/s up/down while the CPU sits at rougly 50% utilization.

The speed however varies from test to test. Sometimes I only get 10 down and 15 up, sometimes its the other way around (usually neither are below 10). I've ran some tests without my pfsense and I'm constantly able to achieve 22-23 GBit/s up/down, so I'm pretty sure my ISP is not the culprit here.

Is there any hope in trying to tune it more to achieve speeds closer to line rate? Has anybody done that with comparable hardware? I've read there are software limitations due to the packet processing running in kernel mode instead of userland. I'm just wondering if it makes sense to pour more time into it.

I wanted to try out TNSR and found a blog post here: https://www.netgate.com/blog/tnsr-home-lab but it seems I'm not able to find the homelab version for it.

Thankful for any suggestion

In the age of automation, CLI remains crucial for network engineers. TNSR software router offers an industry-standard CLI, making it easy for experienced engineers to configure and troubleshoot.

Here is a new technical resource to help anyone master the TNSR Command Line Interface (CLI).

Read Now: https://www.netgate.com/resources/mastering-the-tnsr-command-line-interface-cli

We're thrilled to share an in-depth Q&A session featuring our Lead Engineer, Leon, and our VP of Marketing, Glen. In this engaging conversation, they discuss the innovative Multi-Instance Management feature in pfSense and what it means for network administrators and businesses. 

Watch now: https://youtu.be/41gqqgA9zeM

Hello :)
I have not been using PFsense since before Netgate time, but Im looking at an Netgate appliance to use on my home network.

I been looking at the 2100 as it seems to be powerfull enough and not costing too much here in Norway, but I was wondering why is it the only one who has an switch built in?

I know PFsense is mostly about separate ports for separate networks, but there must be a reason why the 2100 has an switch on the 4 "lan" ports

Hello Professionals

I'm seeking your help with an issue on my Netgate 1541 RAID. Recently, I've been getting "pfr_update_stats: assertion failed" errors. This is preventing me from browsing or accessing shared storage on my network. I've tried rebooting the device and upgrading from version 23.09.1 to 24.03, but the problem persists. Could anyone here explain what this error means and how I can fix it? Thank you.

Console view

https://preview.redd.it/trtf1sy2ogkd1.jpg?width=540&format=pjpg&auto=webp&s=10dbfcc689a6c8cc3c39f2e3e9e383c6ea9fae3d

WebUI view

https://preview.redd.it/3xugziu6ogkd1.jpg?width=960&format=pjpg&auto=webp&s=2e0e2900e2bb52ca4f335662536e7146d20a6224

I've got a single license bound to a mini computer. I've got another one coming that uses much less power. Can I just remove Pfsence from the older one and use the License on the new router?

Hey everyone! I have a very simple request, and I'm happy to read about it. I have an 1100, and I am just doing some testing. I have two IPsec tunnels. I made them a gateway group and made it the default gateway. Both tunnels are up, and everything seems cool. I'd like to verify with you that it means LAN traffic is going out that route by default, and then I would also like to block traffic going out WAN if IPSec is down.

In this particular case, IPv6 has to stay disabled (don't flog me too hard). So, upstream was disabled, the v6 gateway deleted, and v6 DHCP disabled.

VTI, route-based tunnels 1 and 2 are up on phases 1 and 2. You can reach the other side of the tunnel.

Thank you so much.

We’re excited to announce important updates to the integration of Kea DHCP into pfSense software, adding support for DHCP High Availability and improved support for registration of DHCP hostnames with the Unbound DNS Resolver. With the release of pfSense Plus software version 24.08, users who require DHCP HA support or DNS resolution of DHCP hostnames can now migrate from the ISC DHCP backend to the Kea DHCP backend.

Key benefits include:

• Simplified Setup: Kea DHCP uses a single, global HA configuration, which is easier to set up and manage than ISC DHCP's per-interface configuration.
• More Reliable Failover: Kea operates in "hot standby" mode, providing more reliable failover, especially when booting a secondary node.
• IPv6 Support: Those using IPv6 will benefit from HA support for DHCPv6, a feature not available with ISC DHCP.
• Improved Security: Kea DHCP supports optional TLS encryption for HA traffic, enhancing the security of your DHCP setup.

Learn more here: https://www.netgate.com/blog/improvements-to-kea-dhcp