pfSense+ ver. 24.09: Recovering from a Firmware Upgrade Mishap on My Netgate SG-1100

Upgrading the firmware of a device usually promises enhancements and bug fixes, but it can sometimes lead to unexpected complications, as was the case with my recent experience upgrading my Netgate SG-1100 from version 23.09 to 24.03. Typically, a firmware upgrade takes around 15-20 minutes, during which I ensured I had a backup in place, following best practices.

However, this time around, the upgrade did not go as planned, and I found myself reaching for my serial cable, downloading balenaEtcher and PuTTY, and preparing for a manual recovery. I reached out to Netgate support, who guided me through the process of downloading the latest firmware. The process was straightforward: log into the Netgate store, add the firmware to your cart, and download it at no additional cost.

Using balenaEtcher, I wrote the firmware image to a USB stick, then connected it to my device. With my serial cable attached and PuTTY configured (COM3, 115200 speed, 8 data bits, 1 stop bit, no parity, and no flow control).
I followed the detailed installation instructions provided by Netgate, which are available here.

During this ordeal, I was grateful for my backup Internet solutions, including a home fiber connection and mobile Internet. I had a secondary router ready—a Zimaboard running pfSense Community Edition—which not only got me back online quickly but also, surprisingly, performed faster than the SG-1100.

This experience reinforced the value of having a backup router and the practicality of using pfSense Community Edition for personal use. For businesses, however, I would still recommend investing in a Netgate device with the Plus version for additional support.

Once I resolved the initial issues, restored my settings, and confirmed everything was operational, I decided to keep the Netgate SG-1100 as a backup device while continuing to use my Zimaboard. This incident highlighted a compatibility issue with pfBlockerNG-devel and the new firmware on the small Netgate SG-1100, which was resolved by switching back to the stable version of pfBlockerNG.

Always having a backup plan and knowing how to manually recover your device’s firmware are invaluable, as Internet connectivity is crucial in today’s world. The ability to troubleshoot and restore functionality with minimal downtime is not just convenient; it is essential.

Knud ;O)