Thanks, your comment about multicast put me on the right track. We run pfsense on KVM and used the passthrough NIC setting on the guest rather than just using a bridged set up. For reasons beyond me, this does not allow multicast traffic to pass to the network. Changing to a bridged network config for the pfsense VMs solved the issue. omping for the win. My other issues are best placed in another topic, so marking this solved. Thanks!

Use your first wan as your primary, failing over only in case of failure to your second. Open the ports you want open per wan interface. If you want traffic from your second wan then point your external traffic at it, it'll still come through if the rules are set, at least to my knowledge

No problem. That's useful info, bound to be a few others caught by that.  :) Steve

It should be no update without a reason. You should have something similar in the log: php: rc.dyndns.update: phpDynDNS (MyHostName.privatedns.org): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.

I periodically get a "slow response" after restarting PFSense. I think it has something to do with connection pools and modern browsers. I get this often with Chrome and FireFox if I have the browsers open when I restart PFSense. Try loading up an incognito or privacy mode and run it side by side to see if the privacy mode "fixes" the issue. If it does, just close your browser and open it back up. Don't just close a tab.

where can I find the check-box to disable the lighttpd logs in Version 2.1.5-RELEASE (amd64) built on Mon Aug 25 07:44:45 EDT 2014 ? thank you edit: found it  

I'm not sure about those cameras or how many you can stream or processor required.  I never stream more than 1 at a time due to bandwidth constraints.  Mine are not open to public so when I'm not logged into one, its not burning bandwidth.  The way I do it, I could support as many cams as I like on a little bandwidth.

thanks for the replys, i have updated to 2.2 RELEASE now anyway to will rescan again soon as see what comes up

NVM - fixed with reinstallation

In pfSense install the OpenVPN client export package. Export the in-line config for Android. Import that into the Android client. The certs and key are all taken care of. I'm sure there are some instructions here somewhere…... Here: https://doc.pfsense.org/index.php/Android_VPN_Connectivity#Exporting_configuration Steve

Nope.  Not mbuf exhaustion.  I originally thought this might have been the issue but it's no where near the max.

Figured it out: https://doc.pfsense.org/index.php/Installing_FreeBSD_Packages Thanks for the up to date doc's.

Plenty of help here: https://doc.pfsense.org/index.php/Boot_Troubleshooting

@Derelict: I would ask the ISP if they can assign a /29 or /30 (OR /31 IN 2.2??) for your WAN interface and route the /26 to you over that.  You'd have a lot more flexibility in how you use the addresses that way. (Like putting the /26 (or part of it) on an OPT interface and turning off NAT.) An alternative might be to bridge WAN with OPT, then assign WAN to use BRIDGE0.  Anything you then plugged into OPT would effectively be out on the /26 with your WAN address.  But an outside switch can accomplish the same thing.  You lose essentially all firewalling capability this way. ^^^ What he said, Option 1. Generally speaking, ISP's will give you a L2 point-to-point and a L3 routed block, most people install a router with the p2p (/30) on the front, and the routed block (/26) on the back-end. (You would then IP you firewall on the /26)  In this case, the router becomes a single point of failure. Ask for an L2 /29 from the ISP so that you can support redundant pfSense Firewalls, then use your L3 /26 behind it on your DMZ interface.  You can still do NAT for certain hosts if you want by using VIPs, but you'll also be able to assign the public IP's directly to hosts by connecting them to the DMZ network. [One day pfSense may support HA with smaller blocks (/30 or /31), but until then I would recommend a /29] …ct

If you have the budge ($20k), SolarWinds NPM, hands down. If not… SpiceWorks just released a stand-alone Network Monitoring application.  It's a new product, customization options are limited, and it only supports WMI and SNMP at the moment.  But, it's free, it works, and it has a very simple slider to control how much noise it'll generate. (Alerts) ...ct

The HDD (CF Card) failed. What a pain, but back up and running. Took the opportunity to increase the memory.