All testing came back fine, thanks to the many that helped. Release is now out!
http://blog.pfsense.org/?p=694

I have provided more information as to how my ISP provides internet connection.

Please note that the ip address 10.40.108.x is not put in the Win 7 network configuration but in the pfSense configuration page.

Hope it helps in resolving the issue.

Thanks.

network.jpg_thumb
network.jpg

To answer OP's question - the 35Mbps limit is a known issue w/ the POS Sagemcom modems that Bell provides.

There's a few work arounds that involve double NAT or (as of today) unlocking and MacGyvering a bridge mode.
http://www.dslreports.com/forum/r28103988-DSL-bridge-mode-on-Sagemcom-f-st2864.

Whether or not a gateway is specified under Interfaces determines how the automatic outbound NAT functions. No gateway on the interface == not an Internet connection == no NAT will be applied.

Of course there are apps/devices that can benefit by submitting DNS query to specific server.

Take a Roku device for example.  It uses the DHCP supplied DNS server (pfSense Forwarder), but also submits a www.google.com query to google TCP DNS 8.8.8.8.  Which in my case at lease provides a different set of servers that ping in at 18 ms rather than 148 ms for the ones provided by Level 3 (pfSense DNS forwarder).

That's pretty wordy.  May have to read through it a couple times.

There are lots of possibilities.  To each there own.

Just to close this thread up - replacing the NIC has resolved the issues.

You can still use pfSense as a transparent firewall in front of the client. You may need to add another NIC for a management interface. Depends how many public IPs you have to play with.

Steve

Yea that is what I thought too, there should be one loigin and that should take care of the other line. Its VDSL FTTN (fiber to the node). Im going to go and tackle it now, worst case Ill use dual wan…

After playing around with it - I discovered that I needed to move to Manual outbound NAT - I didn't realize that when Automatic NAT is turned on that it ignores all the rules that are set.

By adding some rules to allow outbound traffic on the main LAN and the OPT lan - that I can have my main LAN NAT to the interface address and then allow OPT's lan to NAT to the static IP of .131.

Now I can do this with the few others that need to have it done.

Thanks!

pfSense logs are circular logs. That is they are fixed size (cannot grow indefinitely) and contain only the most recent entries. You need to use the clog utility to convert them to standard text, for example:```
clog /var/log/system.log

Seems to have been something obvious since it has been fixed upstream right away. The packet loss is minimal again. They didn't tell me about the cause though. Would have been nice I think. Something like "sorry for the performance issues, our foo was bar and has been replaced".

Your ISP is not routing the IP properly. Please check with them. I asked this in your other ticket, but, if you can ping WAN IP but not WAN GW IP, then the ISP is the problem as they are not routing correctly. Perhaps they are sending your /24 to .9 instead of .10 or something like that.

I noticed that you have the FW off, so no rules are going to apply anyway. This means no NAT, FW, nothing, only routing. Since that is the case, it would seem that you probably have a basic routing problem. Can machines on your VLAN ping the WAN ip of pfSense, then, can they ping the WAN Gateway?

Thanks fellas.

That's what I ended up doing.

@wallabybob:

@Gio:

I am trying to implement pfsense as "transparent" but have not been successful.

Have you configured default gateway in client?

Have you configured default gateway in pfSense?

You seem to have posted pretty much the same problem report in at least two topics. In which topic do you want to continue the conversation?

– To answer your questions:

Client VLAN lets assume is 200.10.20.128/29 - with a 200.10.20.129 IP gateway (accessible from client IP 200.10.20.130)

Default gateway in PFsense is also setup, shows up in gateway and "Routes" show default 0.0.0.0 using WAN next hop.

Let's continue the conversation in this thread http://forum.pfsense.org/index.php/topic,60980.0.html

I have simillar problem. FTP server is behind pfSense NAT in LAN. I have already tried turn on and off TFTP proxy helper for LAN/WAN but still no success. For now I have NAT rule x.x.x.x:47020 -> 192.168.2.80:21. I can connect control channel but can't connect passive ports. WAN IP is dynamically assigned so no resolve_passive_ip or simillar possible(?).

Interesting, I tried this but used Comcast's name server (75.75.75.75) because they offered a lower ping time however check_reload_status.php kept hammering my Alix CPU for hours; tried rebooting but that didn't fix it.  I reverted back to using the dynamic gateway and check_reload_status.php went back to normal.  Strange but clearly not a solution in my case.

thanks for sharing your similar experience with me Tim, it sounds almost exactly like my problem; changing the monitor IP worked for me as well; but i wish i could actually understand the root of the problem. ill dig around a bit more but if i don't find anything i wont worry so much as its basically resolved.

That means that it received an ARP packet from some other device on the network and that device sent a packet that wasn't recognized.

It could be coming from the WAN or LAN, hard to tell without running packet captures and looking for it.

virtual box clients don't normally start up until you launch them..  is pfsense vm starting when you start your machine?