I see. Cannot wait for 2.0 final release (aka stable) !

You should start by upgrading to 1.2.3 release, since there's no point in running a release candidate this long after the final version was released. Then try connecting a console and use that to reset the password. Then you'll also be able to see if there are any errors on the console that might explain your problem.

OpenVPN should be safe as well. The load balancer pools do not affect any traffic by themselves. And the gateway settings on the LAN rules won't affect your VPN traffic since it's not entering the firewall on the LAN interface.

The logs would also show problems with the WAN interface. It could be your ISP or your ISP connected device (cable/ADSL modem etc)  - what about other connections to the Internet?

@rooster: Thanks! Got a few more general questions if anyone has the time/answers. I will be reading the documentation, and hopefully have more challenging questions soon enough. What about load balancing by port? That is, does pfSense have the ability to designate a portion of bandwidth to say VPN connections, FTP, http? Inbound and outbound? What about outbound traffic from the DMZ going out as the same public IP as the actual server? That is, right now with my set-up of IPCop, all outbound traffic goes out under one IP address (Firewall IP address) rather than the “true” public address for that server. There is no real 'DMZ' in pfSense;  You simply need to do a 1:1 NAT for the server.  Alternatively, you simply use a firewall rule to force all traffic from the LAN client(s) IP(s) to the specific external IP you want to use.  Most of the 'features' you need are basically effected from Firewall rules. Even the traffic shaper rides on Firewall rules to assign traffic.  =) Get your firewall rules done right and your problems are all solved.

It was actually an issue with an internal ACL. Nothing to do with pfsense, sorry for wasting your time! :(

I was just about to ask where to find the informations how to set it up. Your description of the features sound awesome. I will have a look at it and then might be in touch for commercial support, depending on my impression ;) (if it is too easy it's a compliment for the developers although it might be bad for you :p - if it is too hard I might skip the pfSense idea, even with the option of commercial support - if it's just right, it's just right ;) ) thanks so far

try Goto System -> Generel Setup -> deselect "Allow DNS server list to be overridden by DHCP/PPP on WAN"

That's the system syncing its time, just like Windows, OS X, pretty much every OS in existence today does. Any related vulnerabilities would be with a server not client most always.

@sot010174: I've had the same issue. In my case this happens whenever I'm on the Traffic Graph (with rate package on wan) page. Closing the tool stops the messages. :) that's normal expected behavior with the rate package. rate in 2.0 has been patched to not go into promiscuous mode (doesn't need to in a firewall scenario) so you don't see that there.

The FTP proxy was completely redone in 2.0, so it's probably your best bet at this point.

If all goes well it may make it into pfSense 2.1 then :-)

Yes, what you're looking for is known as a reverse proxy, web accelerator or load balancer. You'll find a number of options available, including the ones on that thread you linked to.

Ok, i'm migrating a flat network and using a pfsense as firewall. i have a 3 interfaces box, one for wan, two for "lan". For now i'm using both lans in the same subnet, with same ip. I do assign both ports (interfaces) the same IP. I do it to make easier the network configuration. The DHCP scope, for instance, provides one gateway for all hosts on my network.  So it works like a charm, the problem is that in the end, this two ports are working like a hub. So the solution would be to enable "bridging" in both interfaces, right? But with bridging, can i still using one IP to both interfaces? Or should i create different subnets and assign different ips to both interfaces and keep both port in different subnets? The problem with this option is that it brings an undesirable complexity. @jimp: Then you bridge the interfaces together, not assign them IPs in the same subnet.

This would be a real pain to do in pfSense.  You'd be better served setting up a stand-alone squid box to do all this.  Be aware that a lot of this stuff, especially anything using ImageMagik can really use up a lot of CPU, so plan accordingly.