If your port 80 is opened it means that you are allowing http access to your internal servers or firewall from the internet. If you are using windows you will forever be attacked by viruses, trojans and stuff like that, it is fact of life on windows. PFsense is a firewall which makes access to your internal network more safer if you configure it correctly. I do believe that it doesn't matter what firewall you use if it is not configured properly it will not protect you the way you expect it. It is best to do more research on firewalling and tcpip as you need this knowledge before doing it yourself. Read more Google more Eric

These questions have all been asked and answered in these forums many times.  As time is of the essence, help us help you by doing the relevant research first.

The reason for the alias can be found here.  It was a way to stop the errors being generated. I just noticed that in the "bounty" post, it was suggested to use an alias of 192.168.100.10, not the 192.168.100.1 that I used.  Maybe I'll try that next, especially as I can reproduce this now. Cheers.

The default LAN rule only allows the LAN subnet, you'll have to open that.

You could have them all authenticate against a single RADIUS server.

Thanks for that. Can see where its occurring now: When Captive Portal starts up it calls routine captiveportal_radius_stop_all() That then attempts send a radius stop request for each username in the captive portal db file. Problem is it also calls getVolume(rulenumber)  to get the number of input/output bytes for each username/rule from the db file. That rule doesnt exist so sits there and errors out. Has to go through each and every username/rule in the db file and this is a slow process when you have a large number of users in the file still (guessing its slow due to error handling or something) Hmmm….whats the best way to clear this up I wonder ? Cant let it run through the routine closing all accounting records for users - so could just delete the captiveportal db file on service startup (that would sort out my un-clean reboot issues), but causes a mess with concurrent logon checks Could just send a dummy username through to radius to truncate the radius accounting table on startup - seems a crazy way to handle it Could run a query against the MySQL radacct table manually on service startup (bypassing radius all together). No such a detached model and also dont have extensions in place to hit MySQL directly. Who's got a good idea ?

I did not disable that. It is still un-checked - The wording is a bit confusing for it's description but from what I gather if it's un-checked it's enabled. I changed the ports to reach the router to some random port and I did use to reach it with httpS (SSL). So, maybe there is a bug and the anti-lock doesn't work with a port change done as I was locked out both through the VPN and the LAN. However, I did tamper with firewall rules that day. But as you are saying those should not have effected given the anti-lockout was NOT check-marked. Thanks,

@wallabybob: In Services -> DNS forwarder, below the first save button, add name entries for your systems with static IP addresses. That seemed to work. Thank you!!! pfSense is great, and it is so versatile, and I'm still learning. Thank you all!!!

Correct, you will want to find an IP nearby (logically speaking) and use that to maintain consistency of your quality RRD graphs.  If you can't use your gateway IP (which you should be able to, regardless of the fact that you're getting a new IP from the ISP on DHCP renewals), your local ISP's DNS servers, if they respond to ping, would be a good choice.

Port 25 is normally used by the SMTP server. Unless I've mistaken your description, the log entry is telling you that someone outside your firewall is attempting to access the SMTP server inside the firewall. If you want to allow this access you will have to add a firewall rule to allow it. If you are sick of the reports you could add a firewall rule to block the access and not log it.

A few thoughts: Why would you disable proxy?  Unless it is causing you headaches/problems with something, I would preserve all the bandwidth you can - especially in a dorm environment. Read up on the Sas6/iR and other raid cards.  Check the HCL for the appropriate FreeBSD versions and read posts in this forum regarding compatibility etc.  I ran into issues a while back, but that was likely when pfSense was built on an older version of FreeBSD. Intel NICs>Brodcom NICs - read numerous posts on the subject in this forum Depending on how you have IPs assigned, you could use BandwidthD to monitor usage by IP. You'll need Squid with logging enabled to track site visits, LightSquid will be a big help with this.  You could also use something like OpenDNS and redirect all the DNS requests to their server, but this probably won't tie site lookups back to individual users unless you are handing out 'real' IPs.  Squid logging is far more comprehensive.

That was it thank you. The Backup area was confusing me as it was always outputting ALL, then I found the bug listed and it's actually because I left Do not backup package information checked, so it has to be unchecked when backing up specific areas.

Just wanted to report back that the problem has gone away. Not really sure why but my best guess is that it is heat related. Have been unable re-create the problem.

Ok, thanks

Go to Diagnostics -> Backup/Restore and download your config. Next time please search the forum.

Thank you efonne, I've end up removing the sixth nic from my pfsense box, and when I did that, I broke pfsense completely. Couldn't do anything like get to shell locally or ssh into the box, something about 214 xml, even tho dhcpd was still working. Had to do a wipe and reload, I had configuration backup just before I started messing with it. I'll setup another pfsense box try your suggestion if it works, I'll implement it into my primary. If it doesn't work I'll get a managed switch.

Thanks kindly for your answers. You're right, it seems that the fault lies in the hotel's internet server, not something he did to my computer or connection settings. So that's a relief.