@dyox: Hi, guys My question is: How PFSense "knows" my Internet speed? For example, I have a 50MBps Internet link, which is attached to my PFSense on a 1GBps Lan Port. How it "knows" that the link is 50MB and not 1GB? Did I have to set it, if so, where? This question is related to Load Balance. This is the Link Priority explanation: "The priority selected here defines in what order failover and balancing of links will be done. Multiple links of the same priority will balance connections until all links in the priority will be exhausted. If all links in a priority level are exhausted then the next available link(s) in the next priority level will be used." If PFSense don't figure it out that the link is 50MB, it'll never be exhausted and the Load Balance will not work. It doesn't know Load Balancing When two gateways are on the same tier, they will load balance. This means that on a per-connection basis, connections are routed over each WAN in a round-robin manner. If any gateway on the same tier goes down, it is removed from use and the other gateways on the tier continue to operate normally.

Dude how did it the drawing you create do it by default??  Yes I understand the switch sets those as excluded my point was that there is no point in showing that on your drawing because it is a GIVEN!!!  That all other vlans are excluded. As to harm, I don't know do you count a performance hit as harm? File sharing your talking about p2p? Torrents? So your putting in proxy and blocking all other access to the internet that does not go through the proxy?  Just installing squid doesn't stop all the other access.. [image: drawingexcluded.jpg] [image: drawingexcluded.jpg_thumb]

Its not so much that either pfsense or switch create the vlan, they both need the vlan info to be able to work together.. If the vlan is untagged pfsense has no clue that its in a vlan, just traffic it sees you control what untagged vlan that interface pfsense sees in the switch. If your sending tagged vlans to pfsense interface, then yes pfsense needs to know what IDs are which..

up on this. Thanks

I went through and double checked all my settings.  I discovered that the "From" line was causing the problem. I had to create an email for each pfsense box (used alias accounts) that was recognized by our mailserver. So, for one pfsense box I created an alias email of " office-1-pfsense@myemaildomain" and it worked fine I then created alias accounts for each pfsense box I will put into production so I can easily recognize them in my emails Thanks so much for all the comments and suggestions!!

@ronwbrown: I don't want to bridge the entire WAN, just one of the IP addresses..  I don't know how, or if it is even possible I actually have 3 subnets x.x.x.32/29 (1 gateway 5 usable) x.x.x.72/29 (1 gateway 5 usable) x.x.x.80.28 (1 gateway 13 usable) I want to assign x.x.x.35 to server on lan going thru pfsense You can break the x.x.x.32/29 into two /30 subnets, then assign the second of them to the LAN or DMZ interface of pfSense. ISP x.x.x.33 –--- x.x.x.34/30 pfSense x.x.x.37/30 ----- x.x.x.38/30 Server Now, since the ISP still believes that his router shares L2 segment with the whole x.x.x.32/29 subnet, you have to trick him using ProxyARP VIP x.x.x.38/32 on the WAN of pfSense that will make the server reachable from the Internet.

I considered that and the complexity it added, got a SG-2440 with three LAN ports, much simpler. Also if I ever have an issue it is easy to swap in another router and get back on line while debugging or waiting for a repair.

Perhaps a DHCP static mapping with the ARP Table Static Entry option enabled could be used. MAC address: ff:ff:ff:ff:ff:ff IP address: 10.0.0.3 Hostname: Broadcast-Agent Description: Broadcast Agent (ex: WoL Magic Packet) ARP Table Static Entry: (checked)

The Pi really works well, mine is an original Pi-2 which has a really slow Ethernet and poor processor compared to newer versions but it works well enough to be far better than the closest ntp servers I can reach on the net. This plot is using both the right and left axis to get a better view of what is happening, with just one axis the disp pretty much swamps the other data. [image: ntp-Screenshot_20160702_101656.png] [image: ntp-Screenshot_20160702_101656.png_thumb] [image: ntp-2-Screenshot_20160702_102717.png] [image: ntp-2-Screenshot_20160702_102717.png_thumb]

OK, thanks for the verification.

Well if they are all static pointing to your dc's for dns what does that have to do with pfsense?  Doesn't your DCs forward to 8888 if that is what you want them to use?

Anyone?

Hi Guys, Just wanted to reply to say I have changed the IP Addresses as suggested but this has made no difference. When changign teh duplex on the pfsense box I still get the same outcome on upload speed. When I try to chnage the duplex on teh switch the port goes down and will only come back up when takin gteh duplex off and it reverts back to auto? Any other ideas on what it could be? I have checked the port on the switch and the only service running on that is sflow forwarding. Thanks

Your logs show captive portal loading. The status tgz output would definitely help. Browse to status.php and download the resulting file and attach that. Your ticket was replied to less than an hour after you submitted it, with the main suggestion I offered here, switching to 64 bit. Might want to check your spam if you didn't get the email. I assigned your ticket to me, so it'll notify me when you attach the status output. I'll check that and reply back to you there.

Yeah that's the error I was referring to. If that VM's on shared storage, it's likely some kind of problem with the ESX host and the shared storage. If you're not up to date on patch levels on ESX, it might be some issue in the hypervisor that's since-fixed. Could be a hardware issue with the server if it's local disk. Every time I've seen that reported, it's been a host issue.