I didn't. I guess it's the Netopia 4541 router on the WAN end which bring this. There is no option in the menus to act on this.

@jasonlitka: 2.1 only has 4 open tickets.  We should see it by the end of January, right?   :) Add in all the "future" ones :-)

Has no one an idea?

Please start new threads for new issues. This is the second post of yours which I had to split into a new topic due to unrelated content.

I split your post into a new thread, it was unrelated to the thread in which it was posted originally. If you want to make your BIOS boot from CD, you'll need to consult your system's manual. Every BIOS is different, so there is no single set of step-by-step instructions that can be written to help you. In general, it goes something like this: Get into BIOS (varies by mfg, could be Del, F2, F12, F1, etc) Find boot settings (Could be boot menu, or advanced, or anywhere really) Adjust the boot order (Could be by pressing enter on an option, hitting +/- to adjust order, hitting F5/F6 to adjust order, etc) Save and exit (Could be a menu option, could just press esc, maybe a special key, etc) Make sure that your hard drive is still bootable, just at a lower priority than the CD.

I don't know the scale of the problem: for example is this for a "large" research lab that just got an "intelligence" contract and now has to "do something" about security or is it to protect the computers of the rest of the family from grandma's laptop (which has proved to be something of a virus magnet) when she comes to visit and plugs it into any RJ45 socket in the house that seems good at the time. The details of the requirements seem to be gradually unfolding. Lets see if I can flush out a few more. Here's a couple of other ideas to consider: Disconnect the cables (apart from cables to sockets you can physically secure or are always "insecure") and require the mixed cases to use encrypted wireless with multiple wireless networks (at least "trusted" and "untrusted"). Use VPNs (Virtual Private Networks) on the cable. The VPN encryption isolates the "networks". If either of these are ideas could be useful (and I can think of a number of reasons why they might be "less than ideal") then I think you would probably need to provide further information along the lines of the number of computers involved, frequency at which computers change from "trusted" to "non trusted" (and vice versa), distances between computers, intervening materials, bandwidth involved, communication patterns, budget etc because neither of these ideas would scale as well as the other "less than ideal" proposals on the table. Some more questions: what makes a computer "trusted" or "untrusted"? Location ("untrusted" in an insecure area because someone passing by could see "sensitive" information on the screen)? the computer's function ("we don't trust the computers controlling the dishwashers because the software comes from North Korea")? the computer's user ("Grandma has an uncanny knack of downloading the most active and vicious viruses")?  something else? And what causes a computer to change from "trusted" to "untrusted" or "untrusted" to "trusted"? I've been a bit light hearted here partly because I confess a growing suspicion that making minimal changes is a higher priority than implementing any genuine network isolation and if that is the case I'm probably not very effectively using my time if I make any further contributions to this topic. My apologies if that suspicion is unjust.

TBH, if it is by design rather than something not working correctly then I would rather push the backup out to another server I have on the net, like I said, it works perfectly for the job it is intended to :) Thanks for the suggestions, I will leave well alone!

You probably need to change /etc/fstab

post your firewall rules.

Just out of curiosity, how often do you delve down on the console ? I have actually never logged in to the console after the install, on any of the sites I have installed on. So for me I would see no benefit from changing this value.

Please help.

Thanks I will use these options.  ;D

Thanks again.

@i_robot73: bumping. Anyone?  Wish I had more than 2 PCs to test better  ::) Both PC and server are on the same LAN subnet and pings won't go through the pfsense box - they go through the switch.  IMO, you have not configured the server to reply to Pings. As for RDP, it's probably the same thing in effect.  Make sure that Windows firewall (disgusting tool that I normally disable in lieu of better solutions) is set on the server to allow incoming RDP connections.

short: YES Long: 1. squid and squidguard need to be installed, if done with opendns it works a little better, do a block rule to prevent them from bypassing opendns, useful for sites that use https as squid does http only 2. yes with firewall rules 3. yes/no ads with squid and a custom config, spyware via http only with havp.

@elade: Is it going to be possible at version 2 connecting to ISP's at this method ? i found this topic: http://forum.pfsense.org/index.php/topic,25465.0.html and i can see this issue was already discussed and better get solved by Micky are you going to implement is solution at the new upcoming version ?