RIP SG-1100...?

  1. The switch ports on my SG-1100 bit the dust last weekend. Confirmed with console etherswitchcfg check. This box had been running for just 6 months…so is this a freak failure or are these devices less than robust?

  2. After this happened, I became incentivized to add some redundancy in my IT inventory. The SG-1100 has been RMA’d, but I'm not sure what the turnaround time will be… so I ordered a new appliance (SG-2100). Can I load my saved pfSense profile from my SG-1100 onto my SG-2100?

  3. Are there any pfBlocker lists that target Google, MS, and/or Apple telemetry?

  4. In pfSense, is it possible to run traffic for one specific VLAN through a VPN?

You should be able to reload the config onto another device; you might need to modify the interfaces if they are different between the two devices.

I find the uMatrix add-on for Firefox to be a bit more intuitive at blocking things as you’ve described (it quickly breaks sites and things don’t work, so it’s mostly trial and error). It’s more work to find out what pfBlocker is doing, though I run that with just a few lists.

If you want your VLAN traffic to exit via the VPN, you just have to ensure it’s the VPN gateway selected and not the WAN in your rules. That means if you set up your own OpenVPN server, you can remote into it and then exit via the VPN without using up any of your VPN connections.
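As an added illustration of the two points in that reply (reusing a backup on a different model, and a VLAN rule whose gateway is the VPN rather than WAN), here is a trimmed config.xml fragment. This is not the poster's configuration or Netgate's own file; everything in it is assumed: the NIC names (SG-1100-style mvneta0.409x on the old box versus an assumed mvneta0/mvneta1 on the new one), VLAN tag 10, the OPT1 assignment, the addressing, and the gateway name VPN_GW. The OpenVPN client is assumed to be assigned as an interface so that a gateway entry for it exists.

```xml
<!-- Added example, not the poster's config. All interface names, tags,
     addresses and the gateway name VPN_GW are assumptions for illustration.
     A real config.xml contains many more elements; only the relevant parts
     are shown. -->
<pfsense>

  <!-- 1. Restoring onto a different model: each <if> must name a NIC that
          exists on the new hardware, otherwise reassign interfaces from the
          console after the restore. -->
  <vlans>
    <vlan>
      <if>mvneta1</if>               <!-- assumed; old box used mvneta0 -->
      <tag>10</tag>
      <vlanif>mvneta1.10</vlanif>
      <descr>Isolated VLAN</descr>
    </vlan>
  </vlans>
  <interfaces>
    <wan>
      <enable></enable>
      <if>mvneta0</if>               <!-- assumed; old box used mvneta0.4090 -->
      <ipaddr>dhcp</ipaddr>
    </wan>
    <lan>
      <enable></enable>
      <if>mvneta1</if>               <!-- assumed; old box used mvneta0.4091 -->
      <ipaddr>192.168.1.1</ipaddr>
      <subnet>24</subnet>
    </lan>
    <opt1>
      <enable></enable>
      <if>mvneta1.10</if>
      <descr>VLAN10</descr>
      <ipaddr>10.10.10.1</ipaddr>
      <subnet>24</subnet>
    </opt1>
  </interfaces>

  <!-- 2. Rules on the VLAN interface, evaluated top to bottom. -->
  <filter>
    <!-- Let VLAN hosts reach the firewall itself for DNS. No gateway is set,
         so this traffic stays local and is not pushed into the tunnel. -->
    <rule>
      <type>pass</type>
      <interface>opt1</interface>
      <ipprotocol>inet</ipprotocol>
      <protocol>tcp/udp</protocol>
      <source><network>opt1</network></source>
      <destination><network>opt1ip</network><port>53</port></destination>
      <descr>VLAN10 DNS to firewall</descr>
    </rule>
    <!-- The point from the reply: the rule's gateway is the VPN gateway,
         not WAN/default, so everything else from the VLAN is policy-routed
         into the tunnel. -->
    <rule>
      <type>pass</type>
      <interface>opt1</interface>
      <ipprotocol>inet</ipprotocol>
      <source><network>opt1</network></source>
      <destination><any></any></destination>
      <gateway>VPN_GW</gateway>
      <descr>VLAN10 out via VPN only</descr>
    </rule>
    <!-- Leak guard: with "Skip rules when gateway is down" enabled under
         System > Advanced > Miscellaneous, the pass rule above is not loaded
         while the VPN gateway is down, so this rule catches the traffic
         instead of it leaving via the default (WAN) route. -->
    <rule>
      <type>block</type>
      <interface>opt1</interface>
      <ipprotocol>inet</ipprotocol>
      <source><network>opt1</network></source>
      <destination><any></any></destination>
      <descr>VLAN10 no VPN, no internet</descr>
    </rule>
  </filter>
</pfsense>
```

The ordering matters: the DNS rule sits first so name resolution works without touching the tunnel, the VPN-gateway rule follows, and the block rule last only ever matches when the gateway rule has been skipped. Without that final rule (and the "skip rules when gateway is down" option), pfSense falls back to the default route and the VLAN's traffic silently exits WAN while the VPN is down.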

In case anyone else experiences a switch failure on an SG-1100, here is what happened:

  1. Netgate was good about quickly issuing an RMA.
  2. Almost immediately after it arrived at their facility, they replied with “We received your system and I was able to verify the symptoms you described. I have updated the BIOS and installed the latest version of pfSense and we are shipping your system back today.”
  3. They shipped it back and it now works fine.

I still don’t understand what caused the switch to fail in the first place. The latest BIOS came out several months prior to my purchase of the appliance, and I was running pfSense 23.05 (they upgraded it to 23.05.1). So it wasn’t like I was running old firmware/software.

I asked Netgate what caused the switch failure, whether customers can reflash the BIOS from the console, and whether there was anything else wrong with the switch. I sent the questions a couple of times via email; they never replied.

If you look in the Package Manager, there is one for Netgate devices and firmware updates; perhaps all they did was add that and perform an update.

