You need to use username root http://doc.pfsense.org/index.php/HOWTO:_Access_pfSense_filesystems_remotely_with_scp // rancor

thank you. so my assumption was correct.

Tried raising it to 1600, followed the recommendation I could find on mysql's forum. Non of them worked.

understanding that is not nessessary as this is just a function of how a virtual network works; virtual nics follow the same rules an actual nic follows. you'll want to chat a different forum for specifics on that issue if you must know all about vmware et all. all you need to know is what comes first and when. dont confuse 'multiple gateways', with simultaneous outbound gateways (a routing function) as opposed to a succession of gateways (a hierarchy). let us know when you have implemented this setup and we can help you more, as i think you'll have a better understanding of the basics involved here and we wont be rehashing the same content over and over. i dont want to sound rude at all, but i think if you made out a diagram it would help considerably.

your best bet is to read up on Squid, and install the package from within the pf webUI. simply blocking sites based on IP via the firewall is possible but will end up taking a ton of time to enter, and maintain (ip's can and will change especially with a large list of hosts like you seem to have)

simply adding the snort package to pf is free, and snort also offers a free rules package; but the rules are 1-2 months old i believe. if you upgrade your rules package from the snort site; you get up to date rules and a few other perks if i remember correctly. here are the prices: http://www.snort.org/store

Thanks you very much!

I added that one to the GUI as well. If someone wants to go through and test all that out and recommend a good sane default, the docs can be changed.

Personally I just keep the raw logs and if I want something, I grep for it (or zgrep, or bzgrep, if the logs have been rotated/archived) :-) I realize that's not ideal for most people, but I rarely have to go back to old logs, it's just nice to have them handy. To do some of what you want requires a system like Splunk that would put the logs into a database and give you a nice GUI to wrap them up in. If others have suggestions for similar (hopefully free) products it would be nice to know. We are working on a central management system for pfSense that will include central logging functions, but that will not be a free product when it happens

I would prefer to use bridging if that was an option so you can leave natting and anything else to device which handles those very well. and ofcourse loadbalancing+failover when you have several lines to use.

I was using a WRT310n with DDWRT mini. Sometimes DD got frozen and I have to reboot it manually. This makes a lot trouble for me. [image: M.png] Now I switch to Pfsense because my ISP is going to provide the fibre-optical connection. It's much faster than before(it was 2M/4M, Now it's 10M/20M/100M).. DD may also work with this fast speed network but I am sure that a ROS system like Pfsense will be a better choice. Since I am running a small personal server at home. I just installed the Pfsense as a virtual machine within Vmware. WRT310n will be  a Access Point and HUB which connect to the Pfsense. [image: M.png] It takes some time for setting up Pfsense, but it still worths a shot.

thank you sir for your answer. Yes i understand. but the picture i submit here. it was when i just check with one computer on my network. but when all workstation goes full it goes way high 100/500. :( if i speed test from direct modem i gets 12/13 MBPS from my each modem. but when i speedtest from pfsense with load blance i only gets 19/20 mbps. Is it ok? On mY other shop we are not facing this kind of problem…. and about 2.0 pfsense actually i could't configure. Loadblance setup. I already spoke with one of pfsense commercial team member for for help. But i know its charge high for me at this moment. i asked him for documention for this kind of setup. i will pay for this. he told me to ask on the forum. so it will be great help if some one do this for me. i will pay for this. but not 600 dollar. thank you...

Add the iftop program.

it is not problem, when i finished my work, i am changing permisson with "chmode -w"

I had a PFS box that with similar(if not exact) problem as what you described, all the settings are okay, webGUI okay, captive portal radius auth okay, even package info display nicely(if internet down it will say sth like can't access server), but just no internet connection on the user side. The issue fixed by reinstalling the squid package. My squid is on transparent mode. Did you try to reinstall the squid package to see if it can help your issue? Your squid is in transparent mode so it is capturing all port 80 traffic automatically but it is not proxying them out. Did you see anything funny in the squid cache.log? Did your squid use any disk cache? What is your hdd usage? Or apparently the most direct way backup your settings, factory default your PFS, and restore them back, the squid would reinstall itself and settings will retain(once an internet connection hooked up to WAN), be warned that I never try this on any snort. Better if you have another spare machine, set it up as PFS, and try on that. So you won't ruin the old PFS further.