• FTP From lan to WAN

    0 Votes
    3 Posts
    724 Views
    T
    What can I check to fix this?
  • Investigating a possible Vulnerability

    0 Votes
    9 Posts
    2k Views
    jimp
    redis is only used by ntopng, and would only be exposed if the WAN rules were really sloppy or if the scanner was on LAN. Your LAN rules might be too permissive for your environment if the latter case is true. You should be blocking all access to the firewall's LAN interface except for services which must be accessed from LAN, such as DNS, ICMP echo, maybe the GUI port and ntopng ports if you don't have a dedicated management network.
  • Issues with SG-2440

    0 Votes
    2 Posts
    789 Views
    jimp
    Your issues are most likely not specific to the SG-2440. You should post the pfBlocker issue directly in the pfBlocker board of the forum: https://forum.pfsense.org/index.php?board=70.0 You might try disabling pfBlocker entirely to see if the second problem goes away when it's off.
  • Internet on pfsense, no internet on LAN clients

    0 Votes
    13 Posts
    4k Views
    T
    Under Routing -> Gateways -> Advanced I checked: Use non-local gateway Use non-local gateway through interface specific route. That fixed all my problems. Case Closed
  • How to block windows update and kaspersky update in PfSense 2.3?

    0 Votes
    3 Posts
    1k Views
    KOM
    ^ This.  If you're concerned about costs, at the very least you should implement a WSUS server for your Windows clients, and a web proxy like squid for AV updates.
  • Wifi/modem/router Question

    0 Votes
    8 Posts
    2k Views
    K
    Well in theory you can do this, ADSL2+ connection----to pfSense WAN port----then connect LAN to----Netgear LAN PORTS (acts as an AP and wifi NO DHCP and gateway)----wifi devices or ADSL2+ connection----to pfSense WAN port----then connect LAN to----another wifi netgear (acts as an AP and wifi NO DHCP or gateway)----wifi devices and ADSL2+ connection----to pfSense WAN port----then connect LAN to----Netgear LAN PORTS(acts as an AP and wifi NO DHCP AND This would mean you have 2 WIFI with different WAN only if your ADSL2 can give 2 WAN IP
  • DMZ computer Hardening

    0 Votes
    1 Posts
    526 Views
    No one has replied
  • Pfsense Setup (2 boxes and subnet)

    0 Votes
    8 Posts
    2k Views
    S
    Thanks for your responses: I found this: (http://www.tech-faq.com/dmz.html) Dual Firewall DMZ Model In order to create a more secure network DMZ, two firewalls can be used to setup the architecture. The “Front-End” firewall is setup to allow traffic to pass to/from the DMZ only. The “Back-End” firewall is then setup to pass traffic from the DMZ to the internal network. The two firewall or dual firewall model is considered to be more secure than the three legged DMZ option since there would have to be two firewalls that would have to be compromised for the network to be compromised. Some organizations even go as far as to use firewalls produced by two different companies to make it less likely that a hacker could use the same security vulnerability to access the internal network. As an example, if a network administrator makes a setup or configuration error on one firewall brand, he or she would likely make the same mistake on the second one. If a different brand or vendor’s firewall is used for each then the odds of a configuration mistake propagating across each firewall is much lower. The practice of using two different firewalls; however, is more costly and requires additional effort to maintain when compared to the single firewall model. In the end I decided to learn and go with the single firewall 3 prong interface. The education continues. Thanks all.
  • Video streaming issues - WAN and LAN

    0 Votes
    8 Posts
    4k Views
    C
    I may have resolved it. I ran through the traffic shaping wizard with PRIQ. In the past I attempted HFSC thinking it was the best thing to use. On the DIRECTV side of things I set RTSP to high priority. Seems to be running smoothly. As for Roku, not sure yet as I haven't used it lately. Will update if the issue persists.
  • SG-8860-1U File System Corruption

    0 Votes
    2 Posts
    1k Views
    J
    Okay, I booted it into single user and then ran through the fsck without using the journal.  It made a series of recommendations that I agreed to by choosing y each time.  After the first run through it still said that the system was dirty.  So I ran through one more time without the journal.  For the most part, it still booted the same as above, but this time it actually goes right into booting the config.  Additionally, I am able to actually mount -w /, and make changes to necessary files.  But the question still remains, how do we avoid this from occurring in the first place?
  • Help with a simple (really simple) VLAN

    0 Votes
    6 Posts
    1k Views
    D
    Thanks for all of your patience regarding my ignorance of this topic. I have finished watching a really great series on VLANs on YouTube, and I am getting a better understanding. I will watch them one more time, and taking your responses and assistance as tools, I will attempt to build the VLANs I have used as examples in previous posts. I'll post either a success story or dirges of a flame-out when the experiment is finished. Thanks again to all of you!
  • Ungraceful Shutdown

    0 Votes
    5 Posts
    1k Views
    W
    @Derelict: The old unit wouldn't even run that command. What version of pfSense was it? Sounds like a correct decision was made re: the old hardware. Thanks.  The newest one, 2.3.2-p1 amd64.
  • Monitoring and save log for pfsense

    0 Votes
    1 Posts
    383 Views
    No one has replied
  • Command line configuration and monitoring tool

    0 Votes
    5 Posts
    1k Views
    R
    I see. Thank you very much.
  • MultiCast Traffic Between Interfaces

    0 Votes
    1 Posts
    914 Views
    No one has replied
  • Dual Wan & Failover?

    0 Votes
    2 Posts
    673 Views
    H
    It can IF the multiple WANs have different subnets. This usually means different ISPs.
  • Routing issue

    0 Votes
    4 Posts
    897 Views
    Derelict
    As traffic is routed out an interface those rules determine how the source IP address and port are mapped. There are many uses for them, a few: sourcing traffic from a VIP instead of the interface address; not performing NAT at all if the inside addresses are routable/public; using a pool of source addresses in high-volume environments; setting static source ports for services that require it.
  • Segmenting a network with Subnets and VLANs

    0 Votes
    6 Posts
    1k Views
    A
    Well I found a slightly used tp link 24 port L2 managed switch for $240, VLAN heaven here I come!
  • Block lists

    0 Votes
    3 Posts
    753 Views
    BBcan177
    This is another great site for Mail Server Blocklist validation: http://multirbl.valli.org/ If you have your mail server on a separate WAN IP than your main WAN IP, then it looks like a device on your LAN was caught sending SPAM… Create some firewall block rules to block all outbound MAIL ports from your main WAN IP network... Enable logging, and see if you get any hits on that... Then clean up the infected LAN device(s)...
  • Add new interface command - running vm

    0 Votes
    6 Posts
    4k Views
    JeGr
    If I remember correctly it has something to do with the MAC address vSphere is assigning the new interface (at random). As most unix/linux sort their interfaces with some kind of "lowest mac address first", there could be the problem in your case. If the random assigned MAC is lower than one of the other 3, it gets mangled. (I stand corrected if that's not the case here, but we had a somewhat similar incident with normal BSD and Linux hosts and vSphere's random MAC assignments) Greets
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.