Thanks again for the replies everyone. I'm learning a lot (and reading Mastering pfSense to try to get the best out of it). I'm currently considering upgrading the APU2C4 to a Dell PowerEdge T20 (Xeon E3-1225 v3), which should handle our line speed for VPN easily. The APU handles our 200Mbps ISP speed (no VPN) without even breaking a sweat, just a few % CPU, but it'd be nice to offload the VPN to the router/firewall rather than having multiple locally connected clients at home.

Cool thanks! I stopped it then started it again. Now it seems ok!

Purchased from them via Amazon.ca.  No issues at all.

If you add the suggested firewall rule then you should be able to access the WebGUI from WAN.  If you're already forwarding 80/443 then you can't use it for your WebGUI and expect to get to it.

If your account doesn't have access to the factory images you can use the CE install images on that without any issues. Even if it's got a CF at this point in time I'd use the serial memstick to perform a full install on there. An SSD would be a better fit but that will still work on CF. Primary reason being that NanoBSD is not available on pfSense 2.4 so you'll have a smoother upgrade path now if you make the switch when you're already planning for some downtime.

Hi, Still having this issue.. Has anyone fixed this or is it addressed in a newer release? Currently running: 2.3.2_Release Thanks.

The activity on 2.4 has been drowned out on those graphs by the madness of commits that were necessary to get 2.3 going with the new GUI. 2.3 was a massive undertaking on the frontend of things, 2.4 has been more backend work and cleanup. If you look at  https://redmine.pfsense.org/projects/pfsense/activity there is plenty of activity every day (and that doesn't include the ports or src repos). Plus as we near 2.4-RELEASE things slow down in some areas as we hit a wall of harder bugs that take more time to fix but result in fewer rapid commits. A good chunk of the tickets assigned to 2.4 are in a feedback state waiting for people to respond and confirm the bugs are fixed. As usual some tickets assigned to 2.4 will be pushed forward if they are not going to make it into 2.4 as well. And undoubtedly there are some bugs in the 'new' state that have been addressed or are otherwise invalid but haven't been caught and closed yet. If you want to see the percentage of tickets closed on 2.4 rise, go look at tickets in the feedback state and test them, and respond on the tickets.

Yes the problem was in SSD.I replaced it and know all it's working fine.Thank you very much!

Thanks @JeGr I didn't know about this load-balancer option in pfsense. And you are right about the LAN VIP. :)

nice Brother! hahaha!! i think you made a Super Pfsense Server.  ;D  8)

@PiBa: You would enable that option if you 'need' the client-ip of the actual client for logging/permissions/other and cannot accomplish that by other means like x-forward-for header or proxy-protocol. Its certainly usefull, but causes some trouble as well.. (there is a warning message with it for a reason ;) ) Ok thank you. Everything is setup now the way we want it. Just a new cloud infrastructure coming as well. Then back to my usual programming day job ;) Thanks again for your help :)

Hi. @yahav02: hi javcasta this script work on https web site ? thenks It is not my script. You must go to the source: How To Block File Uploads Using Squid ACL’s http://nanlyx.blogspot.ie/2013/04/how-to-block-file-uploads-using-squid.html Regards

In answer to my own question I seem to have found a solution on this post. https://forum.pfsense.org/index.php?topic=72605.msg396370#msg396370

Hi BlueKobold, thanks for your reply. im not running a bridge im just trying to get to the ipsec nets on my pfsense. we are using sonicwalls now and it works, but i want to replace them with pfsense boxes, and i cant get this to work.