I decided to use a ping script to do this instead.

Are these full installs or nanobsd? The crash dumps are only kept on full installs, nanobsd would just automatically reboot. Without any other info it's hard to say, but you could be hitting this: http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards

Hmm, yes you are close. I have to say that I have only played with this a little and mostly under Ubuntu and that was a few years ago! My own modem turned out to be supported by u3g on FreeBSD so I didn't need usb_modeswitch. Does your modem have an SD card slot? It looks like it's doing it's thing. From the log you see it has removed the virtual cd drive and you can see it receives the '1' response it's looking for. From memory the creation of a new serial port does not generate any log entries which is why I initially thought my modem wasn't working. Check the contents of /dev. There are two ways in which serial ports are represented by FreeBSD and both are shown just to confuse you. Here is the output from my box before I connect my modem: [2.0.1-RELEASE][root@pfsense.fire.box]/dev(2): ls ad0        ata        cuau0      devctl    klog      mem        ptmx      stdout    ttyu1.lock urandom ad0s1      bpf        cuau0.init devstat    kmem      nfslock    pts        ttyu0      ufs        usb ad0s1a    bpf0      cuau0.lock fd        led        null      random    ttyu0.init ufsid      usbctl ad0s2      console    cuau1      fido      md0        pci        speaker    ttyu0.lock ugen0.1    xpt0 ad0s2a    crypto    cuau1.init geom.ctl  md1        pf        stderr    ttyu1      ugen1.1    zero ad0s3      ctty      cuau1.lock io        mdctl      ppi0      stdin      ttyu1.init ugen2.1 And after: [2.0.1-RELEASE][root@pfsense.fire.box]/dev(3): ls ad0          console      cuaU0.2.init devstat      mdctl        pts          ttyU0.1.init ttyu1.lock  xpt0 ad0s1        crypto      cuaU0.2.lock fd          mem          random      ttyU0.1.lock ufs          zero ad0s1a      ctty        cuau0        fido        nfslock      speaker      ttyU0.2      ufsid ad0s2        cuaU0.0      cuau0.init  geom.ctl    null        stderr      ttyU0.2.init ugen0.1 ad0s2a      cuaU0.0.init cuau0.lock  io          pass0        stdin        ttyU0.2.lock ugen1.1 ad0s3        cuaU0.0.lock cuau1        klog        pass1        stdout      ttyu0        ugen2.1 ata          cuaU0.1      cuau1.init  kmem        pci          ttyU0.0      ttyu0.init  ugen2.2 bpf          cuaU0.1.init cuau1.lock  led          pf          ttyU0.0.init ttyu0.lock  urandom bpf0        cuaU0.1.lock da0          md0          ppi0        ttyU0.0.lock ttyu1        usb cd0          cuaU0.2      devctl      md1          ptmx        ttyU0.1      ttyu1.init  usbctl cua and tty devices are all serial ports. Those with a capital 'U' in the name are USB connected serial ports. You can see that my modem add three serial ports. Steve

You can block ip, network ranges and hostnames with pfsense alias. To block urls, you need a proxy server(squid)

Thanks for reporting back.

You don't have a security issue. A /24 subnet (common on a small or home network) is equivalent to a subnet mask of 255.255.255.0. This implies addresses between x.x.x.0 and x.x.x.255. A computer using that subnet can send packets directly, not via a router or gateway, to any other computer in that subnet. A /1 subnet would be the entire internet! Your computer thinks it can reach any address without going through a router or gateway, clearly wrong. It's hard to say exactly what was happening that allowed some traffic to be routed correctly. Steve Edit: You could use a subnet of /32 on your WAN instead. This would imply that all traffic from it has to go via the gateway. However if /24 is working for you it's not a problem.

glad you got it working :) took me 6 hrs to figure out how to get php modules to load into pfsense with out breaking it. that's why i posted my howto's  get them to install, so other people world not have the same problem that i had.. also for my "memory back up". because in a couple  months when I need to do it again for some reason I will probably of forgot how to do it..  :P

@brcisna: The card you have listed in your example is the exact pci-x card I have. How can you tell that? That boot log extract is from FreeBSD 8.2 booting on a Sun Fire V490. You can see in the log that cas0 is on pci0, a standard 33MHz PCI bus. I suggest booting from your knoppix CD and copy/pasting the boot log. The cas(4) driver is still active, have you tried one of the new build snapshots based on FreebSD 8.3? http://forum.pfsense.org/index.php/topic,46459.0.html Steve

I don't know how to explain… Just imagine one pfsense with 2 Public WAN IP and PPTP Server. I have another site with a WebServer. This Webserver connect to my pfsense with PPTP Client and the traffic for port 80 of the second WAN IP is redirected to the PPTP Client ? PPTP Server is just an example, it could be OpenVPN or a direct "tunnel" between the router.

PPP will "normally" allocate an IP address with a subnet mask of 255.255.255.255. PPP is Point to Point Protocol - the interfaces don't belong to a "subnet" in the sense that LAN interfaces do. PPP is not a broadcast protocol. Static IP on PPP "normally" means the PPP server always allocates the same IP address. Here's what the pppoe interface on one of my pfSense systems: $ ifconfig pppoe0 pppoe0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492 inet 203.144.23.199 –> 121.50.212.9 netmask 0xffffffff inet6 fe80::219:e0ff:fe68:314b%pppoe0 prefixlen 64 scopeid 0xa nd6 options=3 <performnud,accept_rtadv>$</performnud,accept_rtadv></up,pointopoint,running,noarp,simplex,multicast> @stilez: Connectivity here need PPPoE (to handle CHAP) and also need the interface to 'know' its subnet. Why does the interface need to know its subnet?

Tough luck. Only physical interfaces can be bridged. I can't select virtual OPTx interfaces. And I would still have the issue of the parent interface, if that would get disconnected, the whole VLAN falls apart and fails. I'll be able to test the bridge this week or early next week, as my boss wants it in use before I go on vacation (which is in two weeks :)). I'll report back with the results once it's in production use.

thanks guys … Everything up and running ... finally i can breath easy))

I noticed the code looks for specifically for an IP. I have commented out the code suggested to the OP and I am able to work using both a port and a DNS entry. Is there a way to enable it to allow for DNS entries in the future? Thanks. EDIT After posting, I stumbled upon the following Redmine ticket: http://redmine.pfsense.org/issues/1544 It appears hostnames will be enabled in 2.1

Nice write up!  :) You should probably add a security disclaimer of some sort.  ;) Steve