@mikesamo:

I get this working using static route with a bad gateway

LAN 87.230.0.0/16
LAN 178.77.0.0/16

Don't do that, just block those networks via a firewall rule.

Just want to confirm that it works. Some extra block rules are required so that the traffic doesn't slip in with the default "pass any to any" rule.
I find this solution really neat and simple, a lot better than what I was originally asking for.

You have two ways

first way:

unistall gui package

install nrpe freebsd package

save changes to config file

second way

change nrpe inc file that creates config file

apply config on gui

Of course backup your config before changing anything

Do you have any firewall rules built for it?

Look at your firewall logs during incoming and then outgoing calls…  Are you seeing the RTP ports being blocked?

Sip services are very different from provider to provider...  You might try turning off the RTP proxy and see what that does...

Under "Registered Devices" do you show your phones?  Are you cloning your number on more than one port?

For port 22, the best way to do this are using multiple nat on wan with different port for each server.

Server 1 port 2201 wan to 22 internal
Server 2 port 2202 wan to 22 internal

Or you could use openvpn to establish a connection to your lan

@podilarius:

did you do as marcelloc suggested and did an exit and return to shell to see if it was added to the path correctly?

ah forgot that parts, now it works perfectly, thank you so much for all the help! :)

@rizzler:

Hi

Let's say i have a .com domain i want to use here, i installed pfsense with this domain so all my computers are in "home.mydomain.com" now i would like this to work from the outside to so that if i surf to "home.mydomain.com" i get to the router interface, i enabled port 80 in the firewall but i get just "potential dns rebind attack" why? :/

Because that's not a hostname configured as one the firewall should answer on. See System>Advanced, you can fill in your additional name there. Or change the system's hostname to be what its real FQDN is.

Is the user created rule above or below the rules you posted? The default deny rule is above is is not a quick rule so that is going to be the action that is taken if traffic does not match any other rule.

The Definitive Guide is far more helpful with 2.0 than the Cookbook.

That puts the order on which pfil(9) consumers 'taste' packets.

It was developed first for overcoming some issues but now its not used at all as you can see from the * in ipfw its not a pfil(9) consumer as used in pfSense.

You already have an open thread on this - please keep it there.

Inside the non recommended packages there is a recommended freebsd version  :)

Install packages from same freebsd version pfsense uses. Current version is freebsd 8.1 p6.

*-stable packages could depend on shared libs that are not present o outdated on pfsense.

Anyone can write a package and submit it if you've got the skills!  ;)

See: http://doc.pfsense.org/index.php/Developing_Packages

If not then consider raising a bounty to get it done.

Steve

You have control of who does what on your installation.
Kern.securelevel is more of a needed option on multi-user installation while pfSense is not like that.

You'll need to forward port 587/TCP if people are connecting remotely to send email through your server (as opposed to 25/TCP for other mail servers).  You'll need 110/TCP and 143/TCP for POP and IMAP and port 80/TCP (and hopefully 443/TCP) for Webmail. I'd highly recommend that you configure your SMTP server and POP/IMAP server to support TLS and your web server to support HTTPS.

Those port forwards should cover your required remote access