@doktornotor:

@cthomas:

You'll need to specify the VIP directly, or create an alias which includes your wan address and vip address, and permit icmp to the alias.

… or just make it floating? :D

I have not worked much with the Floating Rules yet, can you elaborate on this setup?

No, it cannot be used with a bridge.

Chrome and Chromium work here (Windows, FreeBSD, Ubuntu) without issue, and I haven't seen complaints from any customers about it.

Not likely to be a general pfSense issue, but I suppose it could be a config issue or an issue with your ISP somehow. (Proxy perhaps? Something else interfering with its traffic?)

You could install the Backup package and then periodically grab a backup of /root/ and the user home dirs.

Eventually it would be nice to have the GUI create and store such user keys, but the functionality doesn't exist yet so for now they'd need to be backed up manually.

I have found the culprit: it's the gwled package. Once uninstalled, load is low again.

Actually I did as I wrote in first post. But the problem was in bind credentials option. I could resolve it by changing anonymous binding to a known user.

Thanks

Thanks all…i got it...I was wrong ;D ;D ;D ;D

My pfsense version is 2.0.2…but i solve it...
I just change "rrdcolors.inc.php" file from theme folder under the www ...
I never edit this file ,when i change it ,it's okay...
Thanks...

@jimp:

It may seem safe, but those are the most dangerous things. We can't just add them without proper testing. It may be harmless, but the fact is, we don't know. As unlikely as it seems, there is hardware out there that barfs on the most seemingly innocuous of options in certain cases. Not typical off-the-shelf stuff, but specialized/embedded hardware.

I have seen so many machines with boot broken by VESA/kernel modesetting on Linux that I'd be amazed if this did not break anything. And, those are normal desktop machines, not even embedded HW that gets easily upset by a whole lot less than this. On a FreeBSD note, read e.g. this:

http://lists.freebsd.org/pipermail/freebsd-bugs/2012-November/050688.html

This stuff is definitely not safe to mess with without proper testing, not to mention that most people just don't use this at all on a firewall.

Are you testing it from outside of your network, or inside?

relayd uses NAT, so accessing it from the inside may not work as you expect.

Either that, or the virtual server isn't set to use the correct IP address.

Yes, if it is physical, then 2 pfSense boxes with the WAN ports connected together in a subnet of your choosing - I guess you can even use a crossover cable and make each one the gateway for the other, or connect to a switch in the middle. That obviously won't test the real routability/connectivity issues in real life for getting the VPN to connect, but it will test that the security settings, certificates… are correct at each end.

I can't help but wonder, do you have the modems set as routers as well?  Are they capable of bridge mode?  Something looks very strange here.

You are right.
After 5 days of fighting with this I made this small typo :)
Now it is working like a charm.
So for people having same issue with cisco SLM20XX you should upgrade firmware to 1.0.6.2 for VLAN working (and set correct netmask ;))

wallabybob and NOYB I really appreciate your help. Thank you.

Hmmm. I still ave 2.0.1… Mostly because I have heard multiple complaints of people with PC installs like mine. I have several 2.1 setups in Alix boards which running smoothly. I will upgrade to 2.1, unless you advice not to (my setup is a PC with a Celeron Pentium 4 and 3 IntelPro NICs).

Best regards

Kostas

I think we really need to know if there is anything between the internet and pfsense like another DHCP server before we can say its pfsense.  PFsense excells at making tons of connections.  I doubt seriously a state limit is pfsense's fault.

BANG ON! darn it. What a waste of time. The pass from NameCheap portal was suffixing a white space. It seems like all the code update I did is waste now :(

Thanks a lot though everyone!

Set System > Firmware > Update Settings to either Stable or Developmental firmware. I would set it to developmental having learned my lesson of seeing broken features in stable versions but working in developmental version - many vouch for dev version to be stable in production.

browsershots.org doesn't like that site either.
Ends up stopped at  can not load krungsri.com/robots.txt

Totally not a pfsense issue.