I've been successful in adding VIP's using these commands for each VIP in the pfsense config (xl0 is my WAN interface):

<system>... <shellcmd>ifconfig xl0 10.1.1.254 alias</shellcmd> <shellcmd>route add 10.1.1.0/24 -iface xl0</shellcmd> ...</system>

Note I then had to add manual outbound NAT for each VIP created (192.168.10.0 is my LAN subnet):

WAN | 192.168.10.0 | * | 10.1.1.0/24 | * | 10.1.1.254 | * | NO
…
WAN | 192.168.10.0 | * | * | * | 192.168.0.2 | * | NO

(The second entry is the actual WAN interface IP)

I set this up a while ago, and foolishly didn't document any of it! So I hope this makes sense to you.

@jahonix:

10.0.0.2 (and 10.0.1.3) are your DNS servers on WAN as well.
What the heck is your ISP doing there?

Thats not my ISP, thats me. For some reason, DNS dosen't get passed through to pfSense, so I set it as 10.0.1.3 (Primary server on the wan side) and 10.0.0.2 (old router that this modem setup replaced). Reverted it to just 10.0.1.3, with the option to have it overidden enabled.

Edit: Updated to latest snapshot (1.2-RC3 built on Mon Nov 26 14:47:57 EST 2007) and it now gets my ISP DNS servers on vr0, or it could have been the reboot I don't know, I was pressing disconnect/connect last time and not getting the ISP dns.

http://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense%3F

If you're using m0n0wall, why are you posting questions in the pfSense forum?

http://forum.m0n0.ch/index.php?board=4.0

http://forum.pfsense.org/index.php?action=search

This really has be discussed numerous times.
Take your time and read.

results you get with the keyword: VIP
http://forum.pfsense.org/index.php/topic,5253.0.html
http://forum.pfsense.org/index.php/topic,6793.0.html

If it's a full install in the default configuration, the console menu will let you reset the password

Hi cmb.

I stand corrected.  To summarize:

By default, on full installs the password cannot be recovered through the serial port.  The option to reset the password is available through local (vga+keyboard) console however.

On embeded installs console option to reset the password can be accessed via serial port.

thanks.

Yah, but what I am saying is that there may be some type of wierd comaptibility quirk with the versio you are using and the pfsense software.

Also… What kind of connection do you have (DSL/Cable) and how is it setup?  Sometimes having your router handle PPPoE Authentication can mess w/ a VPN Client due to it's change in MTU size.

Peace...

and if you're looking for a mailing list just read hte official pfSense page
http://pfsense.com/

http://forum.pfsense.org/index.php/topic,5216.0.html

thanks, i might put it back on the P3 machine that i ment for it, im just having dissconection problems that now i know are not computer related

Really. Read the forum.
There are lot's of posts about this one. (no it's not possible)

Well I found vi, and after some to and fro got to editing and saving. So the only thing missing is what should actually be changed in mpd…

it was, apologies.
must have edited it without remembering and then it would run as a script.
doh.
::)

wow sometimes the most simple thing can solve problems.  Someone knocked the attached keyboard off the pfs firewall box and it was face down on the floor.  The depressed key was causing the sound.

see http://forum.pfsense.org/index.php/topic,6805.msg38804.html#msg38804 also. same problem there.

VNC over SSH port tunneling is good as long as you can trust your LAN. Better solutions depend on your client OS. With Windows, RDP is better from a security standpoint (better yet with Vista) and drastically better performance-wise. RDP security also depends on host-based controls like account lockout. Also Windows won't let accounts with blank passwords login over the network including via RDP, so that protects you from some mistakes.