So make a bridge. One member interface will be lan1_vlan201, one will be lan2, and the other lan3. I've done it. It works. Bridge traffic will be tagged with ID 201 on lan1 and untagged on lan2 and lan3. I, too, would use a switch since you want a switch and pfSense is not a switch. https://doc.pfsense.org/index.php/Interface_Bridges

Thanks w0w… very useful, that gave me what I needed to figure it out. The issue was that python was not executing. The so called "portable" shebang that worked at the command line #!/usr/bin/env python2.7 - DOES NOT WORK from cron. I created the following file as /home/custom/bin/tcron #!/usr/bin/env python2.7 import os os.system('/usr/local/bin/minicron') When run from the command line, it put the minicron error into the log every time it is run, but did nothing when run from cron. I changed #!/usr/bin/env python2.7 to #!/usr/local/bin/python2.7, and now it works. I don't know if this is intentional that #!/usr/bin/env python2.7 doesn't work from cron, but for now I'm not going to worry about it. I hope by documenting this it might save somebody else the same trouble, and if it's a bug that should be reported, someone who knows how to do that will do so.

@Harvy66: HTTPS proxies are bad ideas. There have been attacks over the years that take advantage of the proxy blindly signing content. You mean "transparent HTTPS proxy with SSL-Bump" isn't it?  ??? Because HTTPS proxy with explicit proxy without MITM (SSL-Bump) doesn't exhibit behaviour you (rightly) describe  ;)

im trying to do exactly this. If you just use the unifi captive portal, you need a dedicated computer to run the captive portal on, which is why i want to use pfsense. I can customize the pfsense CP more, and i dont need to sit a second computer on the lan to run it.

Check: https://forum.pfsense.org/index.php?topic=110043.0

iPhone tethering discussion: https://forum.pfsense.org/index.php?topic=114559.0

Following the suggestion on this thread : https://forum.pfsense.org/index.php?topic=101587.msg617211#msg617211 I set WAN to flowcontrol, master and LAN to master.  This eliminated the watchdog timeout, and reduced the frequency of the discard frame from every 3-4 hours to roughly 11 - 12 hours. I will try disabling driver options and see what happens

Yeah kind of need to see when it disconnects and its going to show it trying to reconnect, etc. You could even bump up the logging level, verbosity in the vpn client settings as precursor.. You may want to increase the number of lines you can view in the log, and or even send your logging to syslog so you don't loose anything, etc. You can always view the actual logs vs what is presented in the gui.. But just blindly rebooting is not good idea..

@justsomeguy6575: Did you get this resolved with new network cards? I'm having this exact issue using D-Link DGE-530T cards. I believe it only started after a recent update to 2.3.2 as I hadn't experienced this before. I haven't had a chance to revert back to an older version to test yet but probably will this weekend. Unfortunately not… I received the Intel 3 days ago, I did a fresh install of the stable build with no luck. After that, I tried to install the 32bit stable version and the PC did not boot :p :p I finally fresh installed the 64bit daily snapshot which appears to have a little bit better performance. I tried to play with the QoS and I realized that if I find the way to find tune it, I will solve the problem. I'm looking for a guide for a simple QoS but I can't find something complete and for beginners...

One of the many differences is iperf is in userland and packets moving to/from the network must go through kernel space to the userland, which is a lot of extra overhead. You can tweak the OS to be better at this, but sometimes comes as other costs. As a router/firewall, the packets stay in the kernel and certain optimizations can be done.

Hi, I'm new to this forum. I hope you can help me. CoinTos can you post me same example of apcupsd command you use on Shellcmd? Thank's in advance.

Thanks all for your help. However, none of the steps were able to resolve my issue. Here is the link I followed to resolve my issue http://www.cyberciti.biz/faq/how-to-pfsense-configure-network-interface-as-a-bridge-network-switch/ This can be closed now. Thanks.

Want to join a friend online to work.

@guardian: Good point… I've been staring at the port side of the box because of where it's mounted, so I forgot about those holes, so I could see possibly doing that. Only thing is, if that is a serial port, wouldn't it show in dmesg?  I don't have the FreeBSD background to know how to probe for the UART. So before cracking open the case and risking physical damage I would want to: Step 1: Detect the presence of a UART though software to determine if it exists and what it's hardware is. Step 2: Determine if there is a driver for that hardware, and if it needs CTS/RTS flow control to operate. If I get though 1 & 2, then I'd do a test with the box open, and if that passed, I'd worry about making it pretty, but unless I get 1 and 2 figured out first, don't want to put the effort into the physical stuff. **An aside: Also, how to you reassemble the unit.  I looked inside when I installed memory and SSD, and that heat sink arrangement looked pretty scary to put back together if the motherboard was removed. ** BTW… does your original image file have higher resolution of the components around that connector? When I looked at it, my first guess was that it was power to support a SATA device plugged into the SATA port. I think your best bet is to switch one of your 8 KVM devices to use the serial console and change your pfSense box to that open KVM connection. I agree that we should be seeing the serial port show up in dmesg if it was detected on the motherboard. Do you have any serial or com port settings in the BIOS? I also agree that putting this machine back together may be difficult with the heatsink