Fantastic - thanks for sharing.  I've been using the commercial version called RoyalTS ever since the passing of mRemote.  It's great to see that mremoteNG is back in production.  One reminder to always be careful about where you store your passwords.  The original mRemote was implicated in some bank hacks in Asia http://forum.mremoteng.org/viewtopic.php?f=4&t=1939  I seem to recall reading that it was also part of how Stuxnet was distributed within the Iranian nuclear facility, but can't seem find support for that right now.

Oh, you're looking to authenticate against Active Directory|NTLM.  I've never configured that so I can't offer much guidance.  However, maybe someone in the Cache/Proxy forum can help.  This forum is really just for general discussion like the title says, and not support questions.  If you need support, try one of the many support forums above this one.

Alright, so the only way I can get it to work is to have each gaming computer in the gaming subnet to have a static ip and basically * ports in port forward for them.  Is this insane?

Thanks for the reply!

ports.jpg
ports.jpg_thumb

Looks more like the Oscilloscope 64, with optional keyboard  ;D

Currently, it cannot perform that role.

Everything available is here:

https://atxfiles.pfsense.org/mirror/downloads/old/

What does packet capture look like when trying to view a video?

I don't know anything about Facebook but I'm assuming they're piping the video in over 443.

Just in case others are experiencing this and aren't following the redmine issue, Renato came up with a fix for this today (cheers @rbgarga!!)

https://github.com/pfsense/pfsense/commit/aa9cf3fa4d532e9f2dbd05d38ca438980b21e06b

You can apply this commit using the System Patches package. Reboot to effect the change.

Perhaps if you posted in one of the many support forums instead of this General Discussion forum…

pfSense English Support - General Questions

The Cache/Proxy forum is the place for this question.

See this message and those above it in the thread:
https://forum.pfsense.org/index.php?topic=119511.msg662743#msg662743
Package server issues should be resolved now.

There is no Tor package for pfSense

Yes, lots of people have connected pfSense to various VPNs, including those based on OpenVPN and IPSec.

This forum is for general discussion.  If you have pfSense-specific operational questions or support questions, you might be better served by posting your questions in the English Support - General Questions forum.  If your question is about specific pfSense functionality, there are a number of forums dedicated to that specific function such as Firewall, NAT, Traffic Shaping, VPN etc.

Sounds like a plan. dd-wrt gui only supports port-based vlans. Let me chew on this and see if I can get her done.

To give a general explanation of this.

TCP defines a window as how many segments are in-flight Most TCP algorithms use packet loss as an indicator to back off Buffer bloat means hundreds of milliseconds of data can be buffered and trickled in to you

Now imagine this. Your bloated buffers can hold 500KiB of data. Netflix wants to send you an average of 5Mb/s in 250KiB chunks while reusing TCP connections. If Netflix sends you 250KiB of data at 10Gb/s, while you can't receive it that fast, you cable/DSL modem's buffer holds all of the data. Since no packets are dropped, Netflix never knows to back off. Since all of the data fits within the TCP window, and the bloated buffer can hold the entire window, you will get line-rate bursts.

This is why bufferbloat is bad.

I had a variation of this. My ISP has an elastic buffer that allows bursts through. Instead of the buffer soaking the burst and slowly trickling it through, it let the burst pass, then started to clamp down. This meant my computer will receive the data at full 1Gb/s even though, at the time, I had a 100Mb connection. My computer would ACK all of the data, making the send think I actually have a 1Gb connection. As they continued to send 1Gb/s at me, my ISP's shaping algorithm would start to restrict the bandwidth and started to drop packets. This would cause a burst of packet-loss at the start of any heavy low-latency TCP connection.

I actually fixed this by having PFSense shape my downloads. Instead of just telling the 1Gb burst through, PFSense would buffer it and start dropping some packets prior to my ISP doing so. This did two things. 1) It delayed the packets 2) It dropped fewer packets early on before the sender ramped up to full speed.