I was able to resolve this.  I set this up with the settings above and it worked.  Not sure what I had wrong the first time.

ok thanks, i'll try it in the evening.

yes. most people don't use vlan1 for any client connected systems i personally have a couple of sites where i use vlan1 for all management interfaces. these have the switch management interfaces and esx console interfaces etc etc etc

aight thx guys… will give it a try.. thk you so much :D cheers!

If they're both in the same WAN subnet, to talk from box to box you may also want to disable reply-to on the WAN rules (System > Advanced, Firewall/NAT tab).

Does the fact that the policy specified gateway has a dynamic address have anything to do with the traffic being redirected over default route when the gateway goes down? If the gateway specified by the policy route had a static address, would I be experiencing the same issue?

I was having this problem, and realized that somehow the gateway I created to use for the static route was applied to the WAN interface instead of the LAN interface.  As soon as I corrected that the problem completely went away. It was weird because the traffic would still pass, but the connection would reset every few minutes.  The firewall log showed that packets would get blocked every once in a while.  I just wanted to note this in case it helps someone else.

This sounds a lot like a bridged setup. The way to go would be: bridge WAN and LAN, assign the bridge as interface, and give the .130 to the bridge. Set the default gateway of the devices behind the pfSense to .129 (NOT .130)

I've decided to try out Aliases, IP is obtained by dig and updated daily. I did refer to squid's access.log for all(most) the url associated to youtube.com for eg. Am using Aliases Hosts because I would like to keep the record updated locally(like config.xml) as I find it troublesome to set up a webserver just to host the URL table text file. Ip addresses are inserted into config.xml directly. It would be convenience if I am able to refer to a local text file(so no need to insert thousands of ip addresses into that little config.xml) Thanks for the attention. :)

With openVPN you wouldn't need 3 separate tunnels. You would simply create firewall rules that just allow the subnets to their respective counterpart on the other side. Actually, with an openVPN tap in bridged mode you could even directly transfer the tagged frames. But a routed setup is better (less traffic on the link).

GRE traffic will only follow the firewall's default route. PPTP is dead anyhow, move on to something more secure. Heed the warning here: http://forum.pfsense.org/index.php/topic,54255.0.html

you would need to implement some sort of vpn to do this kind of thing. openvpn is probably the easiest. there are plenty of tutorials floating around (see the 'openvpn' section of this forum)

Thank you. I can now ping all devices in the virtual network.

I'm shooting in the dark here, but can you try this? Instead of the using WAN IP, use an IP Alias for your natted LAN (1:1 external ip to internal LAN subnet) - 173.173.173.145/30 For your OPT1 interface, assign it 173.173.173.149/30 and give your server 173.173.173.150 Try without static routes or gateways assigned to those interfaces. Hopefully, someone with more knowledge will chime in and correct me if I'm wrong.

on the web interface of the routers i can see only one is being used. I solved my problem by adding an other interface on pfsense for the 2nd internet connection and it worked just fine. Thanks for your help anyway ;)