Edit: I see what I did wrong.

http://devwiki.pfsense.org/FTPTroubleShooting keyword for a search: passiv +ftp Last but not least. Why not switch to SFTP. The why The how

I have fixed the issue.  In case anyone else is ever curious about setting up my solution you also need to add firewall rules to permit traffic from your other networks to pass through.  Thanks for everyone's suggestions on this! -Mark  

Here is what ports I open for asterisk and mine works flawlessly. UDP -> 5060-5082 -> SIP UDP -> 10000-20000-> RTP UDP -> 4569 -> IAX2

rsync through NAT shouldn't be an issue. This should help. http://doc.pfsense.org/index.php/Port_Forward_Troubleshooting The pfSense download mirrors rsync to a server behind pfSense NAT.

Not with host headers. Might be something you can do via policy routing using other specifics.

I have fixed this problem by setting all the networks to a /24, and adding the destination network to the pfsense1 rules. All is working well now. My Wireless setup is located here http://forum.pfsense.org/index.php/topic,10077.0.html

yes but on port 441 Thanks for your response cconk01

I think there are a few threads about the long wait for CARP interfaces during bootup. As far as i know the problem is solved for the next version. Hmmm. I've never experienced that i had to reboot to get CARP IP's working. Are you sure you've waited long enough? A reload can, depending on your setup, take quite a while.

There is a note at the bottom of the screen when you add a VIP. Note: ProxyARP type IP addresses DO NOT work with the FTP Helper and addon packages such as squid. Use a CARP type address in this case.

hi, im testing Current version: 1.2.1-TESTING-SNAPSHOT. problem still persists. i will stay tuned …. ozett

Having trouble visualizing what the firewalls should look like to allow the server to be dmz out the wan. I have taken your advise an changed the /8 to be a /24 like the rest of the network. (See last diagram) I am very excited about this GruensFroeschli  you rock.

just need to access my home desktop http web and https for my wireless access point.

Anything not explicitly allowed is denied, so you shouldn't worry too much. DNS should show closed from the WAN. The DNS forwarder will show DNS open from the LAN side- I don't think it should show open from the WAN, but I'm not 100% sure- I generally point DNS to an internal server instead of running the forwarder…

Ok, so here's my follow up to the issue. Here is the setup: –------------------------- (Internal Nodes)-----|48port switch|--------<---------------------- Pfsense box----------------------->--------------|48port switch|-----|External Public IP's---------> (192.168.2-7)-------|SWITCH|--------------LAN(em2)192.168.1.1--|----------|-82.46.115.82(em0)WAN-------------|SWITCH|-----------(82.46.115.1-255) I was able to setup the internal interface em2 as 192.168.1.1 and the external interface em0 as 82.46.115.82. All the private IPs  need to have ssh,http, and https enabled. Which would be a better approach: NAT–->1:1---> ProxyARP with -->outbound NAT and all the proper rules that will forward traffic from external to internal interface. or NAT-->Portforward using single WAN interface address but different ports.   a) Can all the internal clients have ssh,http, and https access from a single interface? Hopefully this helps, let me know if there is anything i can add.

Outbound traffic works. I tried the same configuration (same IP, etc) with a Netgear WGT624 router and everything including port forwarding worked. I also called my ISP and asked them to check that everything was properly configured on their side. It's really strange this won't work.

http://forum.pfsense.org/index.php/topic,7001.0.html

You cannot do this with pfSense. I think if you search on the forum there is a thread about this exact same issue. Someone provided a solution but i dont remember what it was ^^"