Activity
From 12/15/2023 to 01/13/2024
01/13/2024
-
11:06 AM Bug #15036 (Confirmed): Traffic Shaper Wizard Dedicated generates error
- I've replicated the issue on:...
01/11/2024
-
01:28 PM Bug #15153 (Not a Bug): Backup Restore Issues restoring (Restore Area: Firewall Rules) Aliases for Subnets
- That is expected behavior in this case, as the Firewall Rules area of the backup/restore selection does not include A...
-
07:56 AM Bug #15151: OpenVPN TAP & BRIDGE
- Jim,
we don't need a forum, we need a contact to people who have real influence on the pfSense code - you don't ha...
01/10/2024
-
11:28 PM Bug #15149: Hardware Crypto showing No Hardware Crypto Acceleration for system with crypto chip installed
- 25.05.01 It has no issues with that ID
-
- @Jim Pingle
@dco_update_peer_stat: invalid peer ID 0 returned by kernel@
shows when using the crypto chip it... -
- Hello fellow Redmine members,
I wanted to report a bug I found in the Backup Restore section of pfSense Plus.
... -
- A tap bridge is only useful for linking L2 which would see MAC addresses, so you reserve hosts in DHCP by MAC address...
-
- I checked what you suggested but from the client side it is also no longer possible to make a bridge with the OpenVPN...
-
- I provided a link with the "official" way to bridge OpenVPN to a LAN.
Third party guides/videos are not good refer... -
- You remain in error.
Somehow it was able to work well for 6 years and I think it was used by many people who use T... -
- Normally with a tap bridge you don't have an interface address / tunnel network on the member interfaces, only on the...
-
- When configuring OpenVPN TAP with a static address pool, there is a problem when configuring the TAP bridge with anot...
-
- I have diagnosed something, so far I know that removing the TAP bridge from the LAN solves the problem above.
Is t...
01/09/2024
-
- This is what I mean by rule id I use it with my LED script. With the new rules when using them with wlan address they...
-
- https://forum.netgate.com/topic/185443/example-of-layer-2-ethernet-firewall-rules
I was able to get it to work how... -
- If it's shown on the dashboard as active, and there is kernel encryption happening on the VPN (e.g. OpenVPN DCO, IPse...
-
- Is there anything I can do because I have the older 2100 that has this chip, I understand the new 2100 does not come ...
-
- The OpenVPN crypto hardware choice is not relevant and hasn't done anything meaningful in years. It should probably b...
-
- New firmware was installed also same issue
-
- https://forum.netgate.com/topic/185411/23-09-01-hardware-crypto-showing-no-hardware-crypto-acceleration-for-system-wi...
-
- The Hardware Crypto is no longer showing up under OpenVPN configuration. My Netgate appliance has a crypto chip insta...
01/04/2024
-
- Jan 4 13:00:00 openvpn 21642 Exiting due to fatal error
Jan 4 13:00:00 openvpn 21642 FreeBSD ifconfig failed: ...
01/03/2024
-
03:23 PM Bug #15097: Upgrade to 23.09.1 is not offered for 23.05.1
- I had this issue on appliances while upgrading to 23.09 two branches back, where new version check was always failing...
01/02/2024
-
03:48 PM Bug #15097: Upgrade to 23.09.1 is not offered for 23.05.1
- Marcos M wrote in #note-4:
> The issue is due to a missing @.default@ file, e.g. @/usr/local/etc/pfSense/pkg/repos/pf... -
- At this point things removed from 3100 are unlikely to return as they were probably removed due to problems with armv...
12/31/2023
-
12:43 AM Bug #15126: SG-1100 pfSense+ recovery results in non aligned disk slices
- David Burns wrote:
> Currently preparing for an upgrade of SG-1100 remote worker fleet.
>
> However after install...
12/29/2023
-
07:48 PM Bug #15097 (Resolved): Upgrade to 23.09.1 is not offered for 23.05.1
- The system link does exist:...
-
11:25 AM Bug #14005: SFP Interfaces not available with Traffic Shaper in v23.01
- For info; I have updated the Netgates to version 23.09.1 and the problem still exists. The interfaces Clx0 and clx1 (...
-
03:11 AM Bug #15126 (Resolved): SG-1100 pfSense+ recovery results in non aligned disk slices
- Currently preparing for an upgrade of SG-1100 remote worker fleet.
However after installing the latest SG-1100 rec...
12/23/2023
-
- I would imagine that the reason it wasn't mentioned in the release notes is because iSCSI support isn't officially su...
-
- Łukasz Rojczyk wrote in #note-12:
> is there any progress yet or will it never work properly ???
>
> Dec 18 10:19... -
- Danilo Zrenjanin wrote in #note-2:
> Yeah, I can confirm this behavior on Netgate 6100.
>
> [...]
>
> The reco...
12/22/2023
-
- Yeah, I can confirm this behavior on Netgate 6100....
12/21/2023
-
Christian McDonald wrote in #note-1:
> Thanks.
>
> pf(4) only supports pass/block action semantics for L2 rul...-
- Do you still have this commit ID I do not think it shows up. I can't fetch 7cdf5ed172bbb98aa62e9a4ef534866ba1d63ef8
12/20/2023
-
- Thoth is no longer used - the error is from old code which has been cleaned up in dev snaps. This is being tracked wi...
-
- With 23.05.01
@AES-GCM,ChaCha20-Poly1305,AES-ICM,AES-XTS,SHA1,SHA256,SHA384,SHA512@
is shown for my model 21... -
- Have you attempted to just manually set the GPIO settings with a cron job to a different color? Would that help or ma...
-
- Have you attempted to just manually set the GPIO settings with a cron job to a different color? Would that help or ma...
-
- Post this in the forum it could be you are not using the correct settings and ACL's for unbound.
-
- crypto id/ping-auth has nothing to do with cryptographic acceleration, it's not relevant to this issue in any way.
-
- Old post however I wanted to bring more attention to CryptoID loss of ping-auth when fresh firmware is installed.
...
12/19/2023
-
- Thanks happy holidays. I enjoyed the experimental layer 2 broadcast storm puzzles that took me way back to old CCNA c...
-
- Also you can see traffic on the experimental layer 2 firewall rules between the interfaces that is the main concern h...
-
- I will be moving back to 23.05.01 it's layer 2 abilities were more secure within the broadcast domains.
-
- Please see photo. Also when a client has a static entry for the firewall on a secure side "Firewall's LAN(WLAN)" and ...
-
- ping-auth -s no longer populates it for you so its empty, how does this effect OpenVPN users?
-
- It still works the thorth folder is empty.
I fixed it by transferring the folder over from an older SSD
-
12:56 AM Bug #15103 (Confirmed): Netgate Crypto ID missing in 23.09.01 after fresh firmware
- Also see: https://redmine.netgate.com/issues/12636
The CryptoID is shown as expected if the /etc/thoth/thothid is ...
12/18/2023
-
- Layer 2 broadcast domain in 23.05.01 would separate compex card from the LAN RJ45 ports. It no longer separates the l...
-
- Hello I noticed this after fresh firmware install on a SG-2100
@ The command '/usr/local/sbin/ping-auth -s > /etc/... -
- Kea does not support HA yet, and that has been warned about in the release notes. We aim to have support in the next ...
-
04:29 PM Feature #15101 (Rejected): Warning about using Kea DHCP for HA env
- Using Kea DHCP for HA environment can and will lead to issues with ARPs if you are using dynamic leases. Nice to have...
-
- is there any progress yet or will it never work properly ???
Dec 18 10:19:00 openvpn 15608 Exiting due to fatal...
12/17/2023
-
- Can confirm that this seems to consistently happen basically every time someone upgrades from 23.01 to 23.05.1.
12/15/2023
-
- Since the release of 23.09.1, devices that upgrade to 23.05.1 from a previous version are unable to upgrade to 23.09....
Also available in: Atom