Installation and Upgrades / Re: Restore backup - different hardware
« on: February 10, 2018, 08:55:11 pm »
Well I answered my own question.  When I installed and booted it told me my VLAN parent interfaces no longer existed and I had to fix.  So I set all the interfaces and hit save and seemingly nothing happened.  A freeze up.  I scratched my head and tried again and then again and then I actually looked at the VGA monitor instead of the webconfigurator and saw the word "reboot".

It saved the config and then rebooted...........and came back alive with a new IP address.  D'oh.  I did it right the first time.

I'll yank the SG-2220 tomorrow and install the new device.  Should be plug and play at this point.

Installation and Upgrades / Restore backup - different hardware
« on: February 10, 2018, 06:53:20 pm »
I have an SG-2220.

Just bought this

and installed latest pfSense on it.

Will I be able to simply restore the backup file from the SG-2220 or do I have to reconfigure all?

Official pfSense Hardware / Re: SG-2220 user - upgrade?
« on: January 31, 2018, 09:13:53 am »
I never saw the Minnowboard before.  That looks like it has a little more horsepower than the SG-3100.  Might have to go that route.

Official pfSense Hardware / Re: SG-2220 user - upgrade?
« on: January 31, 2018, 09:04:56 am »
I am in the same boat. I love my SG-2220 and do not look forward to the day it has to be replaced.

It's funny, a couple weeks ago I tried to disassemble the device (it is older than a year) and 2 screws are pretty much not removable now, I guess they were Loctited. I used a correct size screwdriver and all. Totally stripped now... I was going to attempt to install an M.2 drive on the bottom of the motherboard. I guess I won't know.

I am going back and forth between the SG-3100 and the Minnowboard quad core 2 port router.

I'm not a networking guru but I run a VPN server, 2 VLANs which feed two separate routers and/or switches and run Snort, pfBlockerNG and simple firewall rules.  Can't live without it now.  I'm stunned and amazed at the log files especially the firewall and snort logs.  Makes you wonder who actually did make it inside.

As with most things, advancing software outpaces old hardware and I am concerned that my SG-2220 will be rendered obsolete soon as upgrades hit.  And now I keep reading about the SG-2220s just dropping dead.  I've probably read 10 or more pretty recent instances of it.

I'm waffling between the SG-3100 and building up something myself.  Although by the time it is all said and done I'm at the SG-3100 price point anyway.  Considered building an HP T620 pfSense box but having the small appliance is worth something to me as well.  I don't need another giant box at home. I already have a FreeNAS, OpenMediaVault, and Ubuntu server sitting next to each other.

Then again the SG-2220 may be viable for a couple more years.  I hate to use until break though because I think from now on I always want that hardware firewall box in front of everything.

Official pfSense Hardware / SG-2220 user - upgrade?
« on: January 30, 2018, 05:30:19 am »
I have a Netgate SG-2220 which I've had for I guess a couple years.  I'm considering upgrading, however I'm torn between official pfSense hardware and building my own.

Or should I just use SG-2220 until death?  I'm not having any issues however I've been reading a lot lately about them just dying.  Also concerned if it will be adequate for the upcoming v2.5

Any thoughts, ideas, or gotchas?  Or leave well enough alone?

IDS/IPS / Snort JavaScript Heap Spray
« on: July 27, 2017, 04:25:10 am »
I keep throwing an Alert and Block in Snort whenever I go to a particular site (  This is the block notification

ET SHELLCODE Hex Obfuscated JavaScript Heap Spray 41414141 -- 2017-07-27 05:14:03

Can this be considered a false positive?

pfBlockerNG / Re: PfblockerNG and DNSBL
« on: March 22, 2017, 06:12:39 pm »
I whitelisted which seemed to work.  Elegant solution or not?

pfBlockerNG / PfblockerNG and DNSBL
« on: March 22, 2017, 01:50:15 pm »
When I go to Youtube (and some other sites) this pops up.  Disabling DNSBL makes it go away.  I have read through the forum.  Unchecked, forced update, etc but this persists. It did it ages ago, went away, and then seemed to reoccur recently, maybe after my last update to pfSense.

Firewalling / Re: Simple help with port forwarding
« on: September 10, 2016, 05:08:33 pm »
And why do I always post stuff, then figure it out.  It was a SNORT rule blocking me.  FTP telnet parameters too long.  I have no idea what that's all about but cleaning that rule did it.  False positive?

Firewalling / Re: Simple help with port forwarding
« on: September 10, 2016, 04:37:47 pm »
I'm going to bump this.  I tested this and thought it worked but I can only access my server inside my LAN and I can not crack the code on how to make it internet facing.

Lil Help!

Firewalling / Re: Simple help with port forwarding
« on: September 05, 2016, 07:59:13 pm »
Never mind, I got it.  I think just writing the problem out here logically made me realize the problem

Firewalling / Simple help with port forwarding
« on: September 05, 2016, 07:49:46 pm »
This is probably really basic but I can't figure it out.

I have a web server on 192.168.xx.xx:2100  This is on VLAN20

PfSense is at 10.X.XX.X

How do I direct traffic to my web server on the computer behind pfSense?  (My ISP blocks 80)

Firewalling / Re: Guest network block computer to computer
« on: July 30, 2016, 04:37:43 pm »
I need a layer 3 Managed Switch to do that, don't I?

Firewalling / Re: Guest network block computer to computer
« on: July 30, 2016, 04:33:01 pm »
No. That is same-segment traffic and must be blocked in your switch.

The firewall is not involved in traffic between hosts on the same segment.

Thanks.  I'll take a look at my switch config but I'm wondering if I can do that.  I have a TP-Link Easy Smart Switch 16 port.

Firewalling / Guest network block computer to computer
« on: July 30, 2016, 04:06:34 pm »
I have two wifi access points.  One is on VLAN10 and is internet only and cannot see the other network. 

Is it possible to create rules that prevent any computer on this VLAN10 guest network from seeing another computer on the same VLAN10 network?

