Menu
What's new
By:
Filters Better Search

pfSense 2.4 upgrade...

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

sfx2000 said:
Now that 2.4 is out...

Seems good, no issues with the upgrade, but this is netgate hardware...

Rolling change from 2.3.3 to 2.4...

https://pastebin.com/i2RCThSe
Click to expand...
I decided to perform a fresh install with v2.4-RC because pfBlockerNG and Suricata did not function properly after upgrading from 2.3.4 to 2.4-RC. I also wanted to take advantage of ZFS with 2-way mirror OS configuration. I installed RC upgrades when released. It was uneventful upgrading from 2.4-RC to 2.4.0-RELEASE.

No issues to date although I haven't installed any packages.
 
Blade Runner said:
I decided to perform a fresh install...
Click to expand...
Did you do a fresh install and restore the configuration and packages afterwards or did you start from scratch and configured everything again by hand?

I am having some weird issues with my openvpn client connections from my firewall to my VPN provider. If I have more then one client active the gw shows down for one or both client interfaces.
Disabling and enabling again the client give me errors on the tun device. Was working fine all the time in my 2.3 setup.
 
HeMaN said:
Did you do a fresh install and restore the configuration and packages afterwards or did you start from scratch and configured everything again by hand?

I am having some weird issues with my openvpn client connections from my firewall to my VPN provider. If I have more then one client active the gw shows down for one or both client interfaces.
Disabling and enabling again the client give me errors on the tun device. Was working fine all the time in my 2.3 setup.
Click to expand...
Fresh install, configured everything including VPN, and did not install any packages.

Configuration includes multiple VPN clients and gateways?
Check System > General Setup > DNS Server Settings
Gateway field(s) should be [none].

One or more gateways offline?
Check System > Routing
Gateway (IP Address) should be dynamic (grayed out).
Monitor IP field(s) should be blank/empty for each VPN gateway.
 
I get a "502 Bad Gateway" error when trying to access the pfSense Web GUI. I can logon a SSH session. But it hangs after entering my password. I noticed it about 24 hours after upgrade to 2.4. Appears to be impacting pfBlockerNG users. I did a search and found the issue is known and is being worked on:

https://redmine.pfsense.org/journals/diff/34340?detail_id=26490

Multiple users complaining that following the infamous 502 Bad Gateway, they eventually are unable to do anything with the OS, not just GUI, but also SSH and even via serial console. This is 2.4.1 specific regression.

https://forum.pfsense.org/index.php?topic=137103.msg753678#msg753678
https://forum.pfsense.org/index.php?topic=137103.msg753782#msg753782
https://forum.pfsense.org/index.php?topic=86212.msg753480#msg753480
 
Xentrk said:
I get a "502 Bad Gateway" error when trying to access the pfSense Web GUI. I can logon a SSH session. But it hangs after entering my password. I noticed it about 24 hours after upgrade to 2.4. Appears to be impacting pfBlockerNG users. I did a search and found the issue is known and is being worked on:

https://redmine.pfsense.org/journals/diff/34340?detail_id=26490

Multiple users complaining that following the infamous 502 Bad Gateway, they eventually are unable to do anything with the OS, not just GUI, but also SSH and even via serial console. This is 2.4.1 specific regression.

https://forum.pfsense.org/index.php?topic=137103.msg753678#msg753678
https://forum.pfsense.org/index.php?topic=137103.msg753782#msg753782
https://forum.pfsense.org/index.php?topic=86212.msg753480#msg753480
Click to expand...
Have seen that too, but did not pay attention to it yet.
I am using pfblockerng as well.
Will investigate further in the weekend if I can find the time.
Is there a place where I can download the latest stable 2.3 just in case?

Verstuurd vanaf mijn A0001 met Tapatalk
 
HeMaN said:
Have seen that too, but did not pay attention to it yet.
I am using pfblockerng as well.
Will investigate further in the weekend if I can find the time.
Is there a place where I can download the latest stable 2.3 just in case?

Verstuurd vanaf mijn A0001 met Tapatalk
Click to expand...
pfBlockerNG combined with DNSBL is the cause. Some people have been commenting out three lines of code seen here https://forum.pfsense.org/index.php?topic=137103.msg756591#msg756591

The PR should be release soon. The fix can manually be applied this way.
https://forum.pfsense.org/index.php?topic=137103.msg756605#msg756605

I will need to reboot to regain access to ssh and web GUI in order to apply the fix.
 
The 2.1.2 update to pfSense package pfBlockerNG is now available to fix the 502 Bad Gateway error.

Update to the latest pfBlocker (2.1.2 or later) as it contains a fix for the 502 Bad Gateway and SSH access issue. After updating, you will want to reboot the firewall to make sure it's starting with a clean slate. At the very least, stop and restart the DNSBL daemon.

Source:
https://forum.pfsense.org/index.php?topic=137103.msg756882#msg756882
 
Last edited:
Xentrk said:
The 2.1.2 update to pfSense package pfBlockerNG is now available to fix the 502 Bad Gateway error.

Update to the latest pfBlocker (2.1.2 or later) as it contains a fix for the 502 Bad Gateway and SSH access issue. After updating, you will want to reboot the firewall to make sure it's starting with a clean slate. At the very least, stop and restart the DNSBL daemon.

Source:
https://forum.pfsense.org/index.php?topic=137103.msg756882#msg756882
Click to expand...

Yesterday I updated to the latest version, directly after a reboot because of the 502 bad gw error, and since then no more 502. Thnx for the heads up!!

Blade Runner said:
Fresh install, configured everything including VPN, and did not install any packages.

Configuration includes multiple VPN clients and gateways?
Check System > General Setup > DNS Server Settings
Gateway field(s) should be [none].

One or more gateways offline?
Check System > Routing
Gateway (IP Address) should be dynamic (grayed out).
Monitor IP field(s) should be blank/empty for each VPN gateway.
Click to expand...

I checked my configuration for all those points, and indeed the monitor ip fields for the GW were not empty.
After crosschecking with the 2.4 version of the guide I used before to create them (at that time the 2.3 version) I saw that guide did not mention the monitor ip's anymore as well.

Just removed both monitor ip's and for now both vpn-clients are working fine again.
Thnx for pointing out the right solution!
 
pfSense 2.4.1 resolved a few issues that some had with 2.4.

Painless update here...
 
You must log in or register to reply here.

Similar threads

M
OPNsense vs. pfSense CE in 2023, what are your thoughts?
Replies
8
Views
3K
ddaenen1
ddaenen1
H
Something to place in-between modem and router for traffic stats?
Replies
10
Views
497
Tech9
Tech9
M
Pros/Cons of preloaded Netgate appliance vs. installing on own hardware?
2
Replies
33
Views
4K
Tech9
Tech9
GHammer
pfSense No More Without Paid Version?
4 5 6
Replies
116
Views
7K
ddaenen1
ddaenen1
S
Sell my eero Pro 6Es for Asus?
Replies
5
Views
661
syedsahmad
S
Similar threads
Thread starter Title Forum Replies Date
C Pfsense wins awards Routers 34
GHammer pfSense No More Without Paid Version? Routers 116
C Pfsense with newer CPUs Routers 22
C Att Fiber bypass for pfsense Routers 1
slackjaw99 pfSense vs. OPNsense AFA offloading logging, database etc to other hardware Routers 4
T pfSense/ OPNsense help Routers 111
A advice about pfsense/opnsense hardware: H87N-wifi Routers 6
M OPNsense vs. pfSense CE in 2023, what are your thoughts? Routers 8

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 968 (members: 30, guests: 938)
Top