@jimp:

There are many posts here on the forum about that. Search for 192.168.100.1 or the llinfo error and you'll turn up several useful discussions.

http://forum.pfsense.org/index.php?topic=54171.0
http://forum.pfsense.org/index.php?topic=56330.0
http://forum.pfsense.org/index.php?topic=62964.0
http://redmine.pfsense.org/issues/2704

Since you mentioned in this post http://forum.pfsense.org/index.php/topic,62964.0.html that with v2.1 might be better I will wait for the final version.
At least I know what its causing my issue so I know how to fix it.

Depends on switching, bandwidth throughput, ect…

Low bandwidth + managed switches = Assuming the networks are on separate vlans, a pair of interfaces and using vlan separation.
Low(100MB)/Medium(1GB) bandwidth + unmanaged switches = 7 interfaces one for each network + one to the Cisco.
1GB+ then a LAAG configuration or 10GB nics.

Why not just use pfSense as the firewall and default gateway?  ...wouldn't be the first time a 5xx/2xxx/3xxx series router was replaced by a pfSense box;)

Ah, two different interpretations of the VPN requirement.
When you said home country did you mean where your pfSense will be or somewhere else you previously lived?

Steve

there will be no problem with the amount of ip, just in case be sure have the same segment on the lan and the network mask, read about nat 1to1 or just in case that have less ip but have mores services, port forwarding

cheers

hold on, you have some virtual interface to create a vlan? you must have the trunk, and then some vif(default gw for those nics) to connect internal and do the routing and everything! another thing its know if the card support vlan tag, and you should be good, when the package of the new nic, comes can you provide some review of the performance…

Sweet! Thansk for the quick and seemingly absolutely correct reply :)

OK,

i entered:
date 1306171306 which sets the clock on "june 17 2013 at 13:06"

my mistake was:
date 201306171306 -> so i entered 2013 for year –> and that didn't work ::)

can u elaborate more? What is it for?

if a user is signing on with there auth keys. why do i need this?

i can delete them? can i regenerate new keys?

can i delete the DSA and the other one, and just keep RSA? can i change then to 4096 bits?

any where i can read up more on this?

@cmb:

I'd just run Security Onion rather than Snort on the firewall.

I guess he's trying to achieve some sort of IPS-like functionality, where the triggering of a Snort rule not only creates an alert but also dynamically adds the offending IP(s) to the firewall's block-list, similar to what is (at long last ;-) offered by pfSense's Snort-package.

i will try them all

For example if I run 'ipconfig /all' on this machine, WinXP home set to get it's details via dhcp from pfSense:

C:\Documents and Settings\Steve>ipconfig /all Windows IP Configuration         Host Name . . . . . . . . . . . . : NewTuring         Primary Dns Suffix  . . . . . . . :         Node Type . . . . . . . . . . . . : Mixed         IP Routing Enabled. . . . . . . . : No         WINS Proxy Enabled. . . . . . . . : No         DNS Suffix Search List. . . . . . : fire.box Ethernet adapter Local Area Connection:         Connection-specific DNS Suffix  . : fire.box         Description . . . . . . . . . . . : Realtek RTL8139/810X         Physical Address. . . . . . . . . : 00-30-1B-AB-18-C3         Dhcp Enabled. . . . . . . . . . . : Yes         Autoconfiguration Enabled . . . . : Yes         IP Address. . . . . . . . . . . . : 192.168.2.10         Subnet Mask . . . . . . . . . . . : 255.255.255.0         Default Gateway . . . . . . . . . : 192.168.2.1         DHCP Server . . . . . . . . . . . : 192.168.2.1         DNS Servers . . . . . . . . . . . : 192.168.2.1         Lease Obtained. . . . . . . . . . : 16 June 2013 11:16:05         Lease Expires . . . . . . . . . . : 16 June 2013 13:16:05

I am then able to ping other machines by their hostname:

C:\Documents and Settings\Steve>ping NewBabbage Pinging NewBabbage.fire.box [192.168.2.2] with 32 bytes of data: Reply from 192.168.2.2: bytes=32 time<1ms TTL=128 Reply from 192.168.2.2: bytes=32 time<1ms TTL=128 Reply from 192.168.2.2: bytes=32 time<1ms TTL=128 Reply from 192.168.2.2: bytes=32 time<1ms TTL=128 Ping statistics for 192.168.2.2:     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:     Minimum = 0ms, Maximum = 0ms, Average = 0ms

This works even though 'fire.box' is not a real domain, or at least it's not my domain.

Interestingly this works even though I don't have 'Register DHCP leases in DNS forwarder' set in pfSense.  :-\

Steve

Sure sounds like the Teaming on the server and Link Aggregation on the switch is not working together. If you have Intel NICs this article might come in handy:

http://www.intel.com/support/network/sb/cs-009747.htm

@anthix:

Both Nic Cards have the IP 10.1.2.1.

A quick count of what you have told us about suggests there are at least 5 NICs. Which specific NICs are you talking about? A very good guide is that (unless you know what you are doing and have thought about it carefully) each NIC should have a unique address.But that is not sufficient to give you a working network.

It is probably a failure of my imagination but I don't see how @anthix:

Both Nic Cards have the IP 10.1.2.1.

will accomplish  either @anthix:

monitor the traffic

or @anthix:

keep people out of my server when they're using the lab computers.

My suggestion: pfSense LAN IP: 10.0.0.1 with netmask size of 16 (255.255.0.0)
pfSense: SER1 IP: 10.1.0.1 with netmask size of 24 (255.255.255.0)
Windows server 10.1.0.2 with netmask 255.255.0.0 and default gateway 10.1.0.1.
Let pfSense handle DHCP on the LAN. (I don't know if Windows DHCP will allocate IP addresses outside its own subnet.)

You might find it informative to read an introduction to IP Routing such as the Wikipedia article on the topic.

https://www.google.co.ve/search?client=ubuntu&channel=fs&q=ipsec+to+ipsec+pfsense&ie=utf-8&oe=utf-8&redir_esc=&ei=pVi7UYHxI5DM9gSZ1ID4BA

http://doc.pfsense.org/index.php/OpenVPN_Site-to-Site_%28Shared_Key,_2.0%29

Well, i feel a tad sheepish, and assish, but it was my reinstall of windows8 that was causing the problem.  I thought of that, but, 1-couldn't think why that would cause a tracert done by pfsense itself and all the other connected systems to go bad, and 2-could see no indicators of windows being set up differently, or anything that I could see that suggested some kind of 'footprint' of windows getting it's grubby fingers into the mix.  I need to talk to timewarner about the erroneous traffic reporting, but such calls tend to make me want to kill myself, but ya gotta do …

Thanks for the suggestions guys, have a good one

Thanks!!!!!

What I've been searching for!