Thank you for your response stephenw10.  I really appreciate it.  I'll make sure to change one of the interface types to none.

Yes. Go to SYSTEM -> UserManager and set the privileges for a user and/or a group of users.

Yes, you've got the general idea of double NAT.  The primary purpose of NAT is to translate/map public IP(s) to private IP ranges (10.0.0.0/8 172.16.0.0/12, 192.168.0.0/16) to facilitate Internet access.  For this reason, it should only be done once, probably at the provider edge (WAN).  In reality you could do it as many times as you want, but future troubleshooting could be difficult and certain applications might not function properly.

Tested with "Disable Gateway Monitoring" ON, and it brights the link UP again w/o problem. So that would only apply to something critical, like wireless link. Other than that, I can only think on RRD Graphs to report for quality link.

I actually didn't need to change anything with Squid, it must default to being active on the VPN interface. What I did have to change was putting the ACTUAL gateway IP as the proxy address instead of the PPTP pretend gateway as the proxy address (the gateway is actually x.x.x.254, the gateway IP in PPTP is set to x.x.x.253; x.x.x.253 gets me to the web UI, but the proxy doesn't work unless I use x.x.x.254).

Oh, your right - im running under VMware and remember first choosing em0 as the Wan link before i switched to ppp in the widget. I check that … Hey, default was at em0 (which is now lan) and not on ppp - thank you works like a charme now !

Alright thanks for taking a look at those crash reports i was sending. I tried replacing the RAM and HDD but i still get notification light on the server. Even tried removing ram and HDD completely. Thanks again anyways.

I have not done it but I know with the Captive Portal you can put an IP address in the "Allowed IP address" tab and it will allow access without going through the portal.  I don't know if you can force someone to go to it though, it would probably have to be requested by their browser.

Hi Sean, Would you mind being a little more specific about the virtual IP configuration? As you've made, I've read forums and documents on the internet and my Pfsense is not doing the Load Balance correctly. Thanks in advanced. Yezid

Thanks much wallabybob for helping clear that up some. Ed

@jimp: How about now? Looks good! Verified in preview and post. Thanks.

So good news/bad news. Good news is i no have internet pushing from LAN into my switch and i can connect devices to the switch for internet access now. Bad news is i dont know what i configured previously to not be able to do this before. At the pfsense console i choose the factory defaults option to start from scratch and i only enabled dhcp on LAN, plugged into switch and i was up and running. So i really dont know what i did to mess things up in the first place. Live and learn i guess. Thanks to posters for trying to help.

Thats what I was trying to find out stephen So long as I have some information to go by, that will allow me to be able to work on the rest of it I just have to remember to backup the config now, as I have the squid proxy server finally working as it should be (man you wouldnt believe what relief it is to finally see it working as it should). I've transferred the Wireless NIC from the Sun Workstation to my Proliant ML350 G5 (which is going to be built as the Fileserver/Backup Server) But do you think finding 15k RPM SAS drives is cheap? lol as well as DDR3 ECC Ram, lol  ;D I've configured the pfsense box as best I can for now, so I have to finish the rest of it after work tomorrow (Have to be up by 5am to be ready for work  ::) )

Ah yes.  :-[

I am not sure if I understand you correct but for pfsense it is independet if there is another router which does NAT on the interface. What you describe - or like I understand it - it is doueble NAT. This is working. You can do LoadBalancing and Failover as you like. ISP–--NAT-Router1--------NAT-pfsense-------LAN ISP2-------------------------- On the pfsense interface which connects to the other NAT-Router you will probably have to uncheck "block private networks"

No way to do so. It would be faster to manually import than write and validate something to do it in an automated fashion unless you have thousands of rules.