I assume you are asking about how to provide access to the webGUI for remote support. I would connect with OpenVPN. But for that you need to be able to define a port forward on the provider's front-end box to forward some fixed port number in to the pfSense WAN2 and/or WAN3. If that is possible, then add Dynamic DNS entry to the pfSense on WAN2 and/or WAN3 so you have a name available on the public internet that points to the provider's current public IP in front of you. I had the trouble that a provider did not have any provision to port-forward anything to a site. In that case you would have to put an OpenVPN server at your home/office and have a client OpenVPN at the site that is making a connection out, back to your home/office. Then you bring up the server at your home/office, wait 1 or 2 minutes, the client will be trying to connect and then "bingo" a connection appears. Then only add rules on OpenVPN for what you want to allow - to just manage the webGUI it would just be allowing the tunnel subnet only to talk, I expect.

pfSense uses its own config file (/cf/conf/config.xml) to build all other conf files at boot time. If you want anything to survive a boot, you have to do it through the web configurator (or from the console menu) so that the settings you want are recorded in config.xml. If the web configurator does not have the thing you need, then there are ways to invoke your own script at various points in the boot. What do you want to change in lighty-webConfigurator.conf?

Is there a way to grant limited admins access to all installed packages, but not the ability to install any themselves?

Here: https://github.com/pfsense/pfsense/blob/RELENG_2_1/usr/local/www/widgets/widgets/traffic_graphs.widget.php traffic_graphs.widget.php was updated in Dec 2013 to add this functionality, even the 2.1 branch was updated, so it will appear in 2.1.1, whenever that happens. It will work find applied on a 2.1-RELEASE system.

You can download a config backup from Diagnostics > Backup/Restore and then edit the users in and restore that edited config. Assuming your edits are good, it will reboot and then have all the users.

Same for me: http://forum.pfsense.org/index.php/topic,70356.msg383827.html#msg383827 Please help us to have a relay for each interface!

@Paul47: I wish your explanation was provided by the help button on that page. Ask and you shall receive https://doc.pfsense.org/index.php/Firewall_Rule_Basics That is the page linked too, since phil was kind of enough to write it up, I figured I could take a couple of minutes and add them to the wiki.  Thanks Phil!  Your other great post about multiwan and rules needs to be added too, off next week its on my todo list ;)

AFAIR it was added at one point to correspond to the rule IDs linking NAT Port Forward and firewall rule entries. Really it's largely unnecessary. I have never seen anything in the column and it's just a waste of space at the moment.

Not easily, no. EasyRSA wants to create and do everything itself. I suppose if you very carefully exported the CA from pfSense and set all of the files just right (e.g. serial.txt) it might come out OK but it's still not something I'd recommend. Why would you want to use EasyRSA to manage certificates instead of the GUI?

You need to talk to Bmeeks since he is currently implementing Suricata in Pfsense. So you guys could work together!

i make different subnet but again cannoot access to web gui i have a ethernet card … Lan : 192.168.1.1 Client Pc ip : 192.168.1.20 gateway    : 192.168.1.1 again i cannot access ... other problem , i dont knoww...

Thank you for your reply @phil.davis, actually this was a suggestion more than an issue (I should have mentioned that before ^^). I know it's linked with the xml configuration file, but it has to be possible setting the WAN gateway to none.

I resolved the problem. This worked: killall -9 php killall -9 lighttpd /etc/rc.restart_webgui It seems that the build-in Option 11) of restarting the webConfigurator did not work as expected.

well, you're not alone: http://forum.pfsense.org/index.php?topic=67295.0

After some digging I referenced: https://doc.pfsense.org/index.php/I_locked_myself_out_of_the_WebGUI,_help! and found how to do it.

You want a tool for creating 2D piecharts or dashboard charts which supports jquery,for this you should use Koolchart. Because it supports Javascript functionality and you can create any type of chart with it. Its really good as far as 2D charting is concerned.

Thank you very much it's working now.