A wild guess is that you need http://doc.pfsense.org/index.php/Static_Port
else "system logs", "states" and "Packet Capture" could help you finding out whats wrong.

right now pfsense is setup that it does have a public ip

quick question

does the block private address feature block  128.210.0.0 subnet?

I guess i was using an old version .. now Wallwatcher rocks  ;D

The gateway boxes from TUT systems do this. As do some of the commercial hotel gateways (linux based). It is kind of a nasty hack- if you plug one into an existing network, they will wreak havoc as they respond to every arp request…

@dotdash:

There have been numerous threads on similar issues, they may offer some help.
http://forum.pfsense.org/index.php/topic,8844.0.html
http://forum.pfsense.org/index.php/topic,7030.0.html

Thank you.

As far as I read, It Seams to be another MS/Windows Joke (Another plus one)!

Just because 6.2 is end of life does not mean our team cannot support it.

true  or maybe an option that could say just install and notify that the updates are going to be installed on the next reboot

i would think the server load would increase a little but not too much since it would just be checking to see if it needs updating…

@rgomes:

I'm having trouble setting up a DMZ, I've tried everything i could think of, but there is no way I can allow (some) access from the DMZ to the lan.
In despair, I even setup some rules allowing anything from any to any on both dmz and lan interfaces but still nothing.
I can access the dmz machines from the lan but not the other way around… I'm losing my patience because I'm pretty sure it should be working.
Any ideas? thanks

Seams to be an old problem,…

See This:

http://forum.pfsense.org/index.php/topic,7316.0.html

Regards.

You'll find other threads on this, the OpenBSD NTP server takes a long time (tens of minutes) before it syncs.  IMO it's far, far, poorer than the stock ISC version.  On the other hand, I've not been bothered enough by it to actually look to creating a package ;)

Hrm. Real strange. I went down to the serverroom and the first port (where the TP-cable from the pfsense box is plugged) just blinked. Off and on. The link was gigabit, but it just went off and on. I tried with the old cable - and it worked!

Sorry for this post, i could have tried this myself before writing a thread. Whats the chance of getting a defective network cable? :-)

Unsupported –> you're on your own.

pfSense is FreeBSD and not Linux.

You might want to install the developer version, since it's kind of a standard FreeBSD6.2 with pfSense on top.

I see. I will definitely try another switch in that case. It was a cheap one I bought off of someone on ebay for ~20 dollars. TP-Link 16 port switch. I will test against a small netgear switch that I have and see how the performance is since I know its a good one.

Read the thread Cry Hovok provided:

@David_W:

Typically options such as LDAP support that create added dependencies on fairly 'heavyweight' libraries are disabled by default in FreeBSD ports - and are therefore disabled in the FreeBSD package. This is to avoid pulling in a load of unnecessary baggage that many will not use, also there are at least four options for the OpenLDAP client libraries (2.3 or 2.4; in either case with or without SASL).

The www/squid30 port does have an LDAP option that you can set, but you'll need a FreeBSD box (or virtual machine) to build a suitable package, and you're on your own so far as getting the LDAP features going in pfSense.

With the box and a cross over cable set the lan ip to the one in the messed up rule.
Fix the xml. Reboot system. Set the ip on client system and connect it to the system. open console and reset password if ness. Open web and input ip. This should work.

@onhel:

I use UPnP and Advanced Outbound NAT for my PS3.

*Make sure you enable UPnP in your PS3 Settings/Network Settings/Internet Connection Settings.

In pfSense:

Setup a static LAN IP address lease for your PS3 in the Services/DHCP Server section.

Services/UPnP:

Check Enable UPnP

Select LAN in Interfaces

The "by default deny access to UPnP" option is also checked and I then setup a permission in the UPnP Settings:
"allow 3000-65535 aaa.bbb.ccc.ddd/32 3000-65535" using the PS3's static LAN IP in place of the aaa.bbb.ccc.ddd

One more step to help in getting into online games quicker (like in COD4) is using static ports.

Firewall/NAT/Outbound/Advanced Outbound NAT

WAN    aaa.bbb.ccc.ddd/32    *    *    *    *    *    YES    PS3 AON

I left the rest of the LAN to not use static ports.

WAN    aaa.bbb.ccc.0/24        *    *    *    *    *    NO      LAN AON

Solved all my problems with my PS3 using this setup.  NAT Type 2 and no problems with Voice Communication or finding online matches.

Give it a whirl

I tried everything outlined in this topic but I still can't get PS3 to work properly with UPNP and pfSense. I'm doing 2 Inet Connection Load Balancing on the pfSense box and I thought it would be best to get the Playstation a hard DHCP set IP and use UPNP in order to not put the  PS3 in a DMZ.

In theory everything should be working - I've enabled the UPNP service on the pfSense box and on the PS3; The PS3 is allowed to use the UPNP; the pfSense box itself is in 2 DMZs - one for each Inet Connection… I've also tried adding a firewall rule to bypass load balancing just for the ps3 - that didn't work either...

The problem is that when I do "test internet connection" on the PS3 it displays that NAT type is 3 and UPNP as "Unavailable" . Also in Status-> Upnp on pfSense box I see no activity...

Any ideas??

If you want it to happen faster offer a donation or a bounty for pfSense 1.3. These can help the developers devote more time to pfSense development.

That has been developed for pfSense 1.3 and looks complete. However I don't know when pfSense 1.3 will be released. You could create a bounty to put in a temporary solution until pfSense 1.3 is available. Other option is to setup another machine with a radius server using a database then point pfSense to the radius server.

Well that really depends on what features you need, and whether you're comparing a Cisco router or ASA.

If you need a captive portal solution, Cisco won't work for you and pfSense will. If you need multi-WAN, you're out of luck with an ASA, but pfSense or a Cisco router will suit you fine. If you need Websense integration, only Cisco will work (though there are alternative content filtering solutions that will work with pfSense). If you need to NAT VPN traffic, Cisco will work and pfSense won't (though I'd never recommend NATing VPN traffic, if you have to connect two networks using the same IP address space you have to use NAT).

Those are just a few examples. There are about a million different things you can do with pfSense and Cisco devices, some that pfSense can do and Cisco can't, some vice versa, and the vast majority that either can accommodate equally well. In most networks your only differentiator is going to be cost. On some networks only one or the other will be able to accommodate what you need, and there are just as many situations on each side. There are far too many variables and differences between networks and capabilities of the two to give you a definitive list.

I love the replies!  ;)

It looks like Freebsd does not use that field so its more than likely a lost cause.  Does anyone know if Freebsd/pfsense just monitors traffic through SNMP only?