@jimp: There isn't a good way to accomplish that with percentages. You can set a hard upper limit using limiters, but it has to be specified exactly as a rate in Kbit/s or Mbit/s and so on. Thank you for your response. I can see how I might need dedicated internet access for this to work.

Check the MikroTik routerboards or the Ubiquiti EdgeRouter PS.  I'm still prefer pfSense !  ;D

pfSense is a stateful firewall. When a connection is successfully started, a state is created. Any traffic matching that state in BOTH directions is allowed. So when a LAN client connects to google.com a state is created and the reply trafic from google.com is allowed into WAN and router back to the client. It all works out-of-the-box with the default allow any rule on LAN. What else have you done in seting this up? Do NOT put a gateway on LAN. Gateway only goes on WAN.

@phil.davis: @dannieldin: Sorry for double posting. I cant give you guys my settings since I am not in office til monday. But I read some posts here about putting gateway on LAN. And I think that is my mistake. I will try it til then. You neverset a gateway on the Interfaces->LAN page. The gateway there is an Upstream Gateway - somewhere that leads to the internet. The clients on LAN will have the LAN IP as their upstream gateway - but pfSense LAN itself must NOT have gateway set. The text on 2.1.1 has beenenhanced to say "Upstream Gateway" instead of just "Gateway" and more description aded. Hopefully that will help people understand when to use it - only for WAN-type interfaces. Stated much more clearly than I , where i could have said something to the effect of 'your LAN hosts gateway is the static IP set on the LAN interface'

MUst not have been a very busy server. I used to work for a bank, and the busy servers had to be rebooted once a week, cause if not, it would crash after 2 weeks of uptime. Especially the exchange servers. They would blue screen in a 10-12 days. That is definitely an exception.  Although there was one server that was 2000 server and it was just standalone server that no one had the admin password to that stayed up for at least 6 months or longer.  I have noticed that newer server version are better, they just slow over time and not blue screen. Sorry for igniting the flame, but Windows has cause so much frustration for me in general.

Dear All, I have read the documentation at https://doc.pfsense.org/index.php/OpenVPN_Site-to-Site_%28Shared_Key,_2.0%29 for how to configure the OpenVPN. Kindly assist me for the firewall configuration part. Base on the documentations it need to configure in wan interface. What needs to configure? How to configure it? Thank you in advance.

I don't know the plan, but if he new pf filter is included, there will be some new features. More support for wireless and probably quicker all around. But we will wait and see. Thanks to all the developers.

Great. This is definitely a step in the right direction even it could use some further refining later. It isn't going to confuse anyone who already understands the situation and it will probably eliminate most of the incorrect gateway issues for people who don't. Steve

If you think that it might be a signal issue, when your internet starts to act up point your browser to http://192.168.100.1 that should give you a diagnostic page where you can see what's going on with the signal. If you don't know what the numbers mean post them here and I will interpret them. Might be a good idea to record what they look like when things are fine too, that way you have a good baseline.

Still not sure I understand the issue. A diagram might help here if you can't solve it yourself. Steve

Hmm, interesting. Hard to see what it might have been that caused a high php load. That could have just been a symptom of course, something else actually triggering the php script. Steve

Is this a new setup or something that has been working any just failed? Zero packets sounds like you have a layer 1 problem so possibly bad cable, bad switch port, bad NIC. Other clients can ping each other across the switch? Are you using Static addressing throughout? Steve

Really, extremely, dramatically lower!  :o http://www.norgie.net/documentation/firebox/ Hence my advice here: https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox#Firebox_II_and_III I'm not sure quite where the 1000 falls in the II or III model range but it's down there. I'd be surprised if you can push 50Mbps through that box without any packages. Steve

@johnpoz: So use WPAD and autoconfiguration of the proxy then..  Duhh!! excuse me sir  ;D what is WPAD and i cant find menu on the proxy server? i am so interest on filtered https with non transparency mode with autoconfig any device best regards  :)

Power cycling modem and router/firewall should do the trick 99% of the time. Shut both down then power up the modem and wait until it is fully booted before powering up the router/firewall. On a side note, whenever I set up new edge device my IP changes (the modem sees a new MAC address). I then clone my MAC address from like 10 routers ago and reboot the modem and it issues me the same IP that I've been using for years. Comcast won't sell me a static without converting to a business class connection but my dynamic has been essentially static, so why bother?