I'm more than happy with our new ownCloud versus our crappy old FTP server.

Harvy66, thanks for your reply. I didn't mention it, but my gateways are pretty stable, so it's definitely not the case. Also in the example I provided states was cleared for SSH connection which was made from local LAN to the BACKUP node only. No other states were affected.

1. Yes. Backup the config, reinstall, and restore the config. When reinstalling, use the gmirror option in the installer to make the array. 2. There is a widget for gmirror status, and Diag > GEOM mirrors for status and disk management. If you have SMTP notifications enabled, it notifies on any status change of the mirror. The diag page also offers a way to forget disks, add disks, rebuild arrays, and so on. It doesn't let you create new mirrors, however.

It's under the Firewall menu. https://doc.pfsense.org/index.php/What_are_Virtual_IP_Addresses

what can i check to fix this?

redis is only used by ntopng, and would only be exposed if the WAN rules were really sloppy or if the scanner was on LAN. Your LAN rules might be too permissive for you environment if the latter case is true. You should be blocking all access to the firewall's LAN interface except for services which must be accessed from LAN, such as DNS, icmp echo, maybe the GUI port and ntopng ports if you don't have a dedicated management network.

Your issues are most likely not specific to the SG-2440. You should post the pfBlocker issue directly in the pfBlocker board of the forum: https://forum.pfsense.org/index.php?board=70.0 You might try disabling pfBlocker entirely to see if the second problem goes away when it's off.

Under Routing -> Gateways -> Advanced i checked : Use non-local gateway Use non-local gateway through interface specific route. That fixed all my problems. Case Closed

^ This.  If you're concerned about costs, at the very least you should implement a WSUS server for your Windows clients, and a web proxy like squid for AV updates.

Well in theory you can do this, ADSL2+ connection–---to pfSense WAN port--then connect LAN to----Netgear LAN PORTS(acts as a AP and wifi NO DHCP  and gateway)----wifi devices or ADSL2+ connection-----to pfSense WAN port--then connect LAN to--another wifi netgear(acts as a AP and wifi NO DHCP or gateway)----wifi devices and ADSL2+ connection-----to pfSense WAN port----then connect LAN to----Netgear LAN PORTS(acts as a AP and wifi NO DHCP AND This would mean you have 2 WIFI with different WAN only if your ADSL2 can give 2 WAN IP

Thank for your responses: I found this: (http://www.tech-faq.com/dmz.html) Dual Firewall DMZ Model In order to create a more secure network DMZ, two firewalls can be used to setup the architecture. The “Front-End” firewall is setup to allow traffic to pass to/from the DMZ only. The “Back-End” firewall is then setup to pass traffic from the DMZ to the internal network. The two firewall or dual firewall model is considered to be more secure than the three legged DMZ option since there would have to be two firewalls that would have to be compromised for the network to be compromised. Some organizations even go as far as to use firewalls produced by two different companies to make it less likely that a hacker could use the same security vulnerability to access the internal network. As an example, if a network administrator makes a setup or configuration error on one firewall brand, he or she would likely make the same mistake on the second one. If a different brand or vendor’s firewall is used for each then the odds of a configuration mistake propagating across each firewall is much lower. The practice of using two different firewalls; however, is more costly and requires additional effort to maintain when compared to the single firewall model. In the end i decided to learn and go with the single firewall 3 prong interface. The education continues. Thanks all.

I may have resolved it. I ran through the traffic shaping wizard with PRIQ. In the past I attempted HFSC thinking it was the best thing to use. On the DIRECTV side of things I set RTSP to high priority. Seems to be running smoothly. As for Roku, not sure yet as I haven't used it lately. Will update if the issue persists.

Okay, I booted it into single user and then ran through the fsck without using the journal.  It made a series of recommendations that I agreed to by choosing y each time.  After the first run through it still said that the system was dirty.  So I ran through one more time without the journal.  For the most part, it still booted the same as above, but this time it actually goes right into booting the config.  Additionally, I am able to actually mount -w /, and make changes to necessary files.  But the question still remains, how do we avoid this from occurring in the first place?

Thanks for all of your patience regarding my ignorance of this topic.  I have finished watching a really great series on VLAN's on YouTube, and I am getting a better understanding. I will watch them one more time, and taking your responses and assistance as tools, I  will attempt to build the VLANs I have used as examples in previous posts. I'll post either a success story or durges of a flame-out when the experiment is finished.  Thanks again to all of you!

@Derelict: The old unit wouldn't even run that command. What version of pfSense was it? Sounds like a correct decision was made re: the old hardware. Thanks.  The newest one, 2.3.2-p1 amd64.

I see. Thank you very much.