Setup squid and run a proxy, this will give you the info you want.

Lightsquid is the package you want;
High perfomance web proxy report. Requires squid HTTP proxy.

It's ok with multi-WAN, not ok with server load balancer.

I also advice you to look for Mikrotik solutions - it's proprietary linux-based routers, but they are damn good, and level6 Mikrotik software license are free for their own hardware. Although, again, I have to tell you, that both Mikrotik and pfSense will be overkill in your case - netgear 3700v2 will cover all your needs until you will become something like to Google!  ::)

@krisken:

Well i did everthing…but nothing helped...

Its unlikely you have done everything so please elaborate what you have done and what you expect to happen that isn't happening.

You have made no mention of configuring an NTP client. Have you done so? The configuration information you have provided show ntp server enabled on the WEEPEE01 interface. Therefore you need a firewall rule on the WEEPEE01 interface allowing access to UDP port 123 from whatever clients you want to allow. Then you need to configure ntp on the client(s) to use the pfSense box (IP address of the pfSense WEEPEE01 interface) as its NTP server. You might need to reboot the client. Client NTPs sometimes report what they have done. Have you checked such logs? ntpd on one of my Linux systems regularly writes records like

Dec  8 06:20:51 mythbox ntpd[7413]: synchronized to 192.168.211.173, stratum 4
Dec  8 06:27:24 mythbox ntpd[7413]: time reset +2.452386 s

in /var/log/syslog

Have you checked the pfSense firewall log to see if ntp client attempts to access the server have been blocked?

Unfortunately my pfSense ntpd log remains empty (clog /var/log/ntpd.log) after some days of operation - not even a ntpd startup message.

Yep, just like he did it!  ;)
That's a nice video tutorial.

Steve

thanks friend
i found the answer ultimately.
sorry i was being more lazy :(

http://doc.pfsense.org/index.php/Installing_pfSense

Thanks
kalu

Thank You…that worked.
I knew I was missing something. :)

Thanks again.

Then you can edit first posts subject field with [SOLVED]

I have all of those options checked, however, I haven't assigned isatap as a hostname to any machine or device on my network. After a little more research, isatap appears to be something related to ipv6, so I'm just gonna disable ipv6 on all of the Windows machines on the network and disable ipv6 on the router.

There are DNS records for the machine on the DC, and the DC is in PFSense as a DNS server.

Some machine names are resolving in Lightsquids reports, though, which is a touch confusing.

All hard-drives have a set life the second they roll off the line at the factory. NO-ONE knows this life. I have seen hard-drives last 10 years, 6 months, 3 weeks, 10 minutes, and everything in-between. You don't know when its demise will happen. The hard-drive manufacturers can give an estimated time based on their "testing" of samples of hard-drives from production, but that's what it is, estimated. There are outliers. "Pristine Shape" is not quantifiable, you have no way of telling.

That said, these errors come up when your drive is going bad. Unfortunately, the price of new hard-drives have skyrocketed because of the flooding in Thailand.

It seems like you have done everything you possibly could to rule out a problem at your end. Multiplt routers, multiple modems etc.
I would bet good money on it being a faulty line card at your exchange but without a friendly telco engineer you are going to have a hard time getting anything done about it.  :(
Once enough people start having a problem (there are something like 20 lines per card) they will change it.  ::)

Steve

Did you have NAT reflection on?

Have you checked that the Windows boxes got the correct domain?  Do an ipconfig on your server and make sure it shows its host and DNS suffix correctly.  (Assuming it gets its IP address from pfSense as well and isn't set up as static)

It may be that you have to clear the state table too under Diagnostics:States Reset states tab.  Read the notes there about your browser connection.

Maybe the default is longer than than the firewall state timer.

If you want to attempt to block torrents completely then you can check in snort there are rules already for p2p traffic.

If you are just concerned of the bandwidth usage you can create a limiter for say 2mbps under Traffic Shaper > Limiter and then set that traffic shaper assigned to the firewall rules. If you use the "per ip" option you can use one set of rules for all clients.

OMG…
I'm sooo embarrased.
Somehow, I had the nic configuration reversed.
I've set this so many times that I guess I wasn't paying close attention when configuring the nics.
Strangely, it worked on the 192.168.1.X and I didn't change anything other than the lan IP.
But after rebooting, I noticed that the IP's were reversed.
Of course it wouldn't work.
Sheese!
Working like a charm now!!
Thanks for all your help!!

I decided to completely reinstall pfsense and configure my settings from scratch, but the glitch still appears  ???

thanks, this method works perfectly. Even without assigning an ip to the interface. And you can change the duplex setting directly in the gui! :)

OK…um.  Now what do I do?  How do I need to set up the virtual IP.  Proxy ARP?  CARP?  Other?  I started out with Alias IP.  Do I still need to set up 1:1 forwarding from the physical interface to the virtual one?