Skip to main content

PFS100 - Failed to Get pfSense Alias

Agent error code #206100#PFS100 indicates that the request to read the alias from pfSense failed. This lookup is required before every grant and revocation, so this error blocks alias updates.

This error is distinct from alias-not-found (#206103)#PFS103), which returns a clean response indicating the alias is missing. Error #206100#PFS100 means the GET request itself errored (network issue, parsing failure, or unexpected HTTP status).

Common causes include:

  • A transient network issue between the agent and pfSense
  • pfSense is mid-restart or mid-reload and returning an interim response
  • The pfRest package is in an unhealthy state
  • A proxy or load balancer in front of pfSense is interfering with the response

Steps to Resolve

Reproduce the Lookup Manually

  1. From the agent host, run a similar lookup to what the agent uses: 
    curl -sk -H "Authorization: <api-key>" https://<pfsense-host>/api/v2/firewall/alias?id=<alias-name>
  2. Confirm the response is a JSON body containing the alias

Check Underlying Error Detail

  1. Open the orchestration agent log and find the entry corresponding to the failed grant
  2. The technical detail logged alongside identifies whether the failure was an HTTP status, a parse error, or a network issue

Check pfSense Status

  1. Log into pfSense and confirm the dashboard shows the system as healthy
  2. Look in Status > System Logs > General for warnings around the time of the failure

Still Having Issues?

We can help you out, contact us at support@knocknoc.io.

Back to top