you can't do that. installing packages locks things and you can't load other pages, you have to wait for the install to finish.

You have to do that by IP, need a DHCP reservation on that MAC if you're going to use DHCP on it.

I'm seeing an MTU issue after upgrading from 1.2.3 to 2.0.  I 'fixed' this by editing

/var/etc/pptp-vpn/mpd.conf

and adding:

set link mtu 1396

Then, killing the mpd process and restarting it:

/usr/local/sbin/mpd4 -b -d /var/etc/pptp-vpn -p /var/run/pptp-vpn.pid -s pptps pptps

That's not a pfSense 'solution' but perhaps others here could try it to see if our problems are the same?

This wasn't necessary before, so I'm wondering if defaults are different, path MTU discovery is somehow broken, etc.  BTW, I read that XP's pptp client requires 1396, so that's what I set for a compatibility floor.

The paid version of Kiwi syslog daemon can forward log records to another syslog server but I don't know if it can do that at the same time as logging the messages itself.   You might need to have two paid copies of Kiwi as well.

EDIT:  Having read the whole of the link below, I see that you don't need the paid version unless you want to spoof the original IP address.

http://www.kiwisyslog.com/help/syslog/index.html?action_forward_to_another_host.htm

~~I don't have the full version but you get 30 days of full function with a trial copy.  ~~It does only run on Windows though.

Good idea, that's very simple. Thanks!

I am pleased to report that I have discovered a solution. Thanks to everybody for eventually pushing me towards a solution!

In the end, this issue was caused by a configuration in the physical network that VMware did not like and, in fact, all VMs were suffering from poor network performance.

More specifically, the LAN side of the host system was running a teamed connection using 802.3ad protocol. This really served no purpose other than for my own vanity.The solution was simply to take apart this teamed link and run the gigabit ethernet ports individually while disabling all unnecessary adapters and services. I also followed as many recommendations as I could in the following document that my hardware allowed: http://www.vmware.com/pdf/ws7_performance.pdf

Again, thanks to everybody that pitched in on this problem and pushed me in the right direction, it is greatly appreciated!

Depends on how your ISP handles that. It probably dynamically assigns the PPPoE address (your WAN address) and routes your static IPs there. So you just need to set them up as Other VIPs and configure your NAT accordingly as desired.

It's a screwy way to block a connection, but that device is without question blocking the connection, it has nothing to do with your firewall. Off-subnet access being rejected is the most likely cause.

@stephenw10:

Since that's shown as a linked port forward I assume you have a firewall rule in place. Are you seeing anything in the firewall logs?

Steve

I don't know since all filter logs change so fast … anyway it was my fault ... had to connect to an external vpn server first then tried to connect via ssh to my host and it worked. Sorry for the trouble. Strangely though I hadn't to do this when using the Zyxel router ...
Connecting to my WAN IP address with a PC from the LAN directlly (i.e. not by using an external vpn) results in a connection timeout.
Thank you for your support stephenw10 ;)

I assume you also know how you can control a browser from another program/service to fill in forms from another program using a browser like IE, Firefox, and how to get the URL's out of them using COM or API's like FindWindowEx and SendMessage with WM_GetText as well.

@wallabybob:

@vitesse:

I'll check out logging flow on google (Mule) has popped up as one suggestion.

Some posts in http://forum.pfsense.org/index.php/topic,32256.msg238508.html give some more details on netflows, a book reference and some examples of the sort of reports that can be generated by the flow-tools package.

Thanks checking them out now and added my two cents as well.  ;)

Ok yeah, after some client disconnects, the process dies, and you can't connect again. I don't know why that's happening.

Also, I'm assuming this might be getting fixed, but if DHCP leases for OpenVPN clients don't show up in the management console.

for which type of account?

You can always just check the source of the page that adds those accounts and track down the function that adds that type of account.