Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Ranko Kohime

Pages: [1]
Official pfSense Hardware / SG-1000 sometimes unresponsive over VPN
« on: March 03, 2018, 02:06:29 pm »
I have a strange, occasional issue with my SG-1000.

It normally runs fine for very long periods of time under load, (2+ months with a site-to-site VPN running at 5 Mbps), however, whenever I log in to tinker with it, after a while it will cut out.  I'm normally on the other side of the VPN, to be clear.

The Internet will be down for clients on the LAN side of the SG-1000, but the VPN stays up, and while I can ping local clients from the other side of the VPN, connections such as SSH timeout.  (To both the SG-1000, and my local FreeNAS) If it weren't for those connections timing out, I could just login to my FreeNAS, and access the terminal of the pfsense using cu to reboot it, but unfortunately I have to drive out to where the SG-1000 is and reboot it locally.

The SG-1000 is always responsive on the terminal when in this condition.

Any ideas what might be causing this?  Where to look for appropriate logs for what might be going on?

Traffic Shaping / Priority field missing in HFSC shaper?
« on: December 02, 2017, 07:45:28 pm »
I haven't done much looking at the individual queues since setting up the traffic shaper, but while setting up a new rule, I noticed that the priority field wasn't there.  I didn't see anything in the release notes, except maybe for this in 2.4:
Fixed handling of the priority field for different ALTQ shaper types
but I'm not certain that's related to HFSC.

Is this a bug or an intentional change?  (I am noticing this on 2 separate systems, so doubtful it's just one of my boxes experiencing drive corruption)

2.4 Development Snapshots / Strange hanging issue
« on: October 14, 2017, 11:56:35 pm »
I'm not sure if this is related to the 502 Bad Gateway issue that others are having, but I don't think it is.

I'm running pfSense 2.4.0-Release on a Celeron G1840 with 8GB RAM, and Realtek NIC's  (I know, those aren't recommended, but they work.  For now.  A few that I had purchased have failed, and will be replaced with Intel NIC's in short order)  I mention them in case the Realtek driver might be the culprit.

I'm having an issue where the web interface gives me a 504 Gateway Time-out, trying to SSH in it hangs after it prints the welcome message, and trying to interact with the local console has basically the same effect.  While it's in this state DNS is a bit flaky, but Internet access is generally still available.

I had assumed this was the USB thumb drive I have pfSense installed on starting to fail, (I'm familiar with how *nix systems act when they lose their root drive) but, I had introduced a new client to the network while the system was in this state, and upon rebooting the system, (with said client shut down) it retained the MAC address in the DHCP table, making me think that perhaps the disk was available to the system after all.

Anyone have an idea as to what might be going on here?

Traffic Shaping / Re: Interface speed poblem
« on: August 05, 2017, 12:54:45 am »
Is it possible bcs the SW is a little stupid when i change manualy speed  interface in pfsense  dosent work or problem to be from the cable?
Bcs when i change WAN interface speed to 1 Gps it shows red x.
Your first suspect should be the cables.  The switch you're using is a gigabit switch, you should be getting gigabit at least on the LAN.  WAN is a different story, the hardware provided by your ISP may only handle 100 Mbps, depending on the speed you're paying for.

Especially suspect the cables if forcing gigabit mode on the LAN interface causes it to disconnect as you're seeing.

If the cables are good, then you might have an issue with the gigabit cards you installed in the box.  (The BSD driver might not want them to go into gigabit mode).  Unlikely this is the problem, but not impossible.

Pages: [1]