You also mentioned LACP. I'm assuming that it's not configured in a way that it spans both switches, correct?

Quick - backup your config!!!! haha

the issue fixed it self… i dont know how

I agree that ESF would be far more knowledgeable and detailed however, I need tutorials over the phone with some basic and moderate techniques of configuration. I think it will take about an hour, and won't cost $400. At some point I may be willing to spend that money but right now I need to try this way and see how far I get

Interesting… JimP says "netgate guys" as though there is really any difference between the companies. The VPC wizard is not going to be in the "community edition" of pfSense anytime soon.

if it was a problem, we would have released a new version by now.

if it was a problem, we would have released an updated version by now.

If it installed correctly and easily before, it should also again. I'd WIPE the drive and reformat, deleting all partitions.  Use linux. Then reinstall pfsense. Is this a full install?  I'm assuming it is.

You can use a fixed dhcp lease so that your selected clients always get the same IP. The use the whitelist to bypass squid for those IPs. Steve

Nope. No 80 or 443 come to play. I've changed the Web UI's port and opened it in the firewall, it stays reachable now. Not sure what happens, seems like the anti-knockout rule isn't effective anymore as other connections continue to work. Should be able to verify that when changing it back to 443 and opening the port seperately from the knockout rule.

@pidakala: I am trying out  pfSense on my home PC which I wanted to deploy in near future as router/firewall/IPS/web filtering system. I have downloaded Snort and playing with few settings on Snort. I find that the number of Alerts logged in under IPS Connectivity setting is overwhelming and too many. Is there anyway to Limit the Logging based on  number of logs per second etc. I could not find those settings on pfSense webConfigurator. I am also looking for to stop TCP SYN Flood and UDP Flood attacks. Is there anyway to do this in Snort packages that comes with pfSense. Thank you very much.. Suppress Lists are used in Snort to "rate limit" events.  You can also suppress certain common false positives entirely.  There is an older thread in the Packages sub-forum with the words "Master Suppress List" in the title.  It has suggestions for several experienced Snort users. Snort with its associated rules is designed to look for specific attacks where the packet data matches content and metadata contained within the rules.  There are scan rules that can help with TCP SYN attacks. Snort on pfSense offers a blocking mode that will insert an offender's IP address into a table in the pf firewall.  This effectively blocks further traffic from that offender until a timeout you set expires.  There is a basic How-To sticky thread posted in the Packages sub-forum for the Snort package.  You may find some useful information there.  There are also a number of experienced users who are regulars in that sub-forum.  You can post questions there and probably receive more and quicker replies. Bill

I found the reason, I have two network cards with the same subnet, that was what produced the conflict. Thanks

EasyRules are created by you or someone else.  When you view the firewall log, if you click on the red/white X under the Source column, it will prompt you to create an alias and firewall rule to block that IP address.  At some point, you or someone else must have done that.  You should be able to delete both the rule and the alias.