Thanks, I had rebooted the server a few times trying to resolve. Is that the same? On the reload with error, did it point to something specific? I ask because I'm not sure how to debug this without taking everything down all over again.
Chuck -----Original Message----- From: List [mailto:[email protected]] On Behalf Of Seb Sent: August-17-15 6:40 AM To: [email protected] Subject: Re: [pfSense] pfSense 2.1.5 to 2.2.4 update problems... Maybe you had the same problem as me. Log in on ssh shell and then try running: pfctl -f /tmp/rules.debug This should reload the rules, but might throw an error.. Kind regards, Seb > -----Original Message----- > From: List [mailto:[email protected]] On Behalf Of Chuck > Mariotti cmariotti-at-xunity.com > Sent: 15 August 2015 22:26 > To: pfSense Support and Discussion Mailing List > Subject: Re: [pfSense] pfSense 2.1.5 to 2.2.4 update problems... > > I should point out that at one point there was a "DNS Rebind" > message in the best browser for one of the sites internally (not sure > if that's related). > > -----Original Message----- > From: List [mailto:[email protected]] On Behalf Of Chuck > Mariotti > Sent: August-15-15 1:16 PM > To: pfSense Support and Discussion Mailing List > <[email protected]> > Subject: [pfSense] pfSense 2.1.5 to 2.2.4 update problems... > > I had a need to update to the latest pfSense. I had a replacement > machine with the latest 2.2.4. Took the config file from 2.1.5 and > restored it... > > It got stuck on the restoring packages and I eventually unlocked and > just left it as-is. > > Swapped over the connection to the replacement and some internal > websites (https) stopped being available to the public... internally > no problems. > > I looked quickly but could not find what was happening with a simple > update. So I switched it back to the original. > > I reinstalled 2.1.5 on the replacement machine... restored the > config... switched it over and all worked perfectly. > > I ran the in-place update and it completed without issues (including > packages)... but again, many internal sites not available to the > public side. > > Did I miss something in the upgrade method? There is a patch that was > previously applied but I don't think it was related and it didn't say > it was enabled. > > Fix SHA1 certs > > http://github.com/pfsense/pfsense/commit/fd750cd064a46f364a7e0 > 6c9fe27d46ce11cd09a.patch > > Unfortunately, I did not have much time to debug since there was an > unrelated hardware failure which extended the appox downtime from > 5-10mins to about 3 hours.... So was mostly interesting it restoring > things back to normal. > > To be honest, I don't know if it was both http(s) or just https only > that was not accessible... I think it was https but it's too late to > test it again. There is a NLBS serving up some of those sites if that > matters. > > Any suggestions would be greatful. > > Regards, > > Chuck > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
