You don't want to use a network or host alias for that many entries. In 2.3, you can go up to 5000 members. Anything beyond that has to be a URL table alias, and likely anything beyond 1000 really should be as well.

First, complete your network…. and then...  test.  Even though it may work as connected it's not ideal and may not be reliable.  Not to mention, both NICs would need to support Auto MDI/MDI-X and Auto-negotiation. Go buy a switch, finish your network and retest. I would also recommend PCIe NICs if you have the slots.

Can pfsense support up to 16 Nic? Yes it will be able and there are appliances out there that will be able  to offer you many LAN ports as you need it. One of them would be the scope7-8771 from Landitec it is a official European distributor from Lanner. But if you think it might be that you change even the hardware if something is not really running likes expected this would be a hard and expensive trail for you as I see it right. Perhaps you might be getting a Layer3 switch that is then proper routing the VLANs for your network and the pfSense firewall is then only routing the WAN-LAN part. It would be perhaps the better option, or perhaps if money is not rare booth will fit and makes you happy.

There was a circumstance we fixed in 2.3 where radvd would try to run where it shouldn't have. It's just harmless log spam in that case.

Per the hardware requirements page (https://www.pfsense.org/hardware/#requirements), even on bare metal, in order to get over 500 Gbit, you need: Multiple cores at > 2.0GHz are required. Server class hardware with PCI-e network adapters. So, I would go multiple cores, 4GB RAM and a 64 bit install to start with. Also, I've seen posts that suggest unless you're using the VMXNET3 driver you will see a ~400 Mbit limit. It may also be worth mentioning that since you have an HP server and using ESXi, you might want to re-install with the HP specific ESXi image, so all the drivers are VMware certified.  It may or may not make a difference, but it's just a thought.

Also one thing you do wrong is the router IPs. If the pfsense firewall itself do have 192.168.1.1 and 192.168.2.1, you CANNOT have the routers/AP's have the same IP. Then you will get a randomly unstable connection since roughtly half of the time, the router will reply on something the firewall should reply on. The routers/AP's should preferable use 192.168.1.2 and 192.168.2.2. So if the WRT54G really has the IP 192.168.2.1, you are getting a IP collision in your network, and thats why you get "Unstable connection" inside Android. So what you should do: LAN = 192.168.1.1 OPT1 = 192.168.2.1 Linksys = 192.168.1.2 WRT54G = 192.168.2.2

Sadly, that does not seem to help.  I dug up an older 100Mbps switch from a closet and stuck it between the cable modem and the pfSense router.  The first thing I noticed after resetting things was that when I powered down the cable modem, the router didn't appear to even notice.  Eventually, it did go into a "Pending" mode, but it still thought it had a valid IP address and I never got a failover to the UVerse WAN.  Turning the cable modem back on resulting in no recovery at all.  I still needed to reset the modem and the router. As far as I can tell, the IP address that I'm given by ComCast is a public one.  It is not an RFC1918 address. Dave

Perfect…thanks again  :)

Use the top command on shell to see the process php-fpm and look if closing the graphical interface the process will get lower. sorry my bad english

Yes. Did work. I comment the stty lines who were not allowing the change: // If the user does exist, prompt for password while (empty($password)) {         echo gettext("New Password") . ": ";         //exec('/bin/stty -echo');         $password = trim(fgets($fp));         //exec('/bin/stty echo');         echo "\n"; } // Confirm password while (empty($confpassword)) {         echo gettext("Confirm New Password") . ": ";         //exec('/bin/stty -echo');         $confpassword = trim(fgets($fp));         //exec('/bin/stty echo');         echo "\n"; } So i got change the password for both ssh and webgui: [2.2.6-RELEASE][admin@pfSense.localdomain]/root: ( echo admin ; echo password ; echo password ; echo exit ) | pfSsh.php playback changepassword Starting the pfSense developer shell…. Enter username: Changing password for 'admin'.  New Password: Confirm New Password: [2.2.6-RELEASE][admin@pfSense.localdomain]/root: Thank you a lot

I've been using Softether for many years and never had any issues. Would be very nice to add this software to pfsense ;)

I have a similar setup. Basically, rules are tied to interfaces. And interfaces are virtual based on VLANs. So, if you won't remove VLANs, rules should be fine too. You just need to: remove igb6, igb7 from the lagg create lagg1 add igb6, igb7 to lagg1 reassign interface on vlan10  from lagg0 to lagg1 Done. All rules should be untouched. No reboots, not even a downtime. But certainly perform a config backup prior to changes.

Well, that would explain it all then Facepalm What a waste of an evening!!! Thanks

I have solved my problem, it was in the member attribute and the credentials for the ldap bind. Thank you Now i can authentify my users with the authentification diagnostic. I have to setup a captive portal and Freeradius package for the connectivity between pfsense and openldap server Freeradius is obligate for ldap loggin on the captive portal ? Sorry for my english

Thanks for the reply jimp. Do you recommend any particular router to be used in conjunction with pfSense? I can try a different device and test the up/down speed.

Your 3Com switch will need to allow you to configure and use VLANs otherwise this won't work. If you connect the modem to the switch without VLANS then everything on the switch will be able to access the modem and the laptop router won't be doing anything. You will also need to make sure that the NIC on your laptop supports VLAN tagging. You will need to setup one separate untagged VLAN port for your modem (the WAN VLAN) and have all your other devices and ports untagged on another internal LAN (which everything else connects to). The port on the switch which the router laptop connects to will need to be tagged to both VLANs. In pfsense you would then create two VLANs corresponding to those on your switch, and assign one to the WAN interface (the same as the modem's VLAN) and one to the LAN interface. If your switch doesn't support VLAN tagging, then you will need to get either a USB or PCMCIA NIC for your laptop which is compatible with FreeBSD 10.1.

Is your wireless a wireless card in pfsense?  An AP on your lan network, a wifi router?  Did you configure this wifi router as AP or is it also natting? So your saying clients wired to pfsense work just fine - its only your wireless that is having issues.  Please describe how your wireless is setup.  If interface on pfsense optX for example then you would have to configure the firewall rules on that interface to allow traffic.. By default any new opt interfaces you create in pfsense have NO rules and all traffic is blocked.