How is that pfsense is blocking?  You state when you ping from the wan interface, so your on the pfsense interface or shell?  Blocks are done on the ingress of the interface..  I would have to assume your issues is when your isp, connection between you and 72.30.38.140 not pfsense blocking.

Do a traceroute to see where your being blocked or connecting is failing.

Just to give an example of my point I blocked that same IP on my lan interface.  Also keep in mind that not allow sites answer ping anyway.. but this one does.

Anyway so lan works, then put in my firewall rule and lan does not work.  See the hits in the log where its blocked, but from my pfsense shell I can still ping it, etc.

fromlan-fromwan.png
fromlan-fromwan.png_thumb

http://info.iet.unipi.it/~luigi/netmap/

Unless I've missed something there's no field for "Extended Query" until version 2.1 - at least I can't find it in 2.0.1 - so I'm stuck for the moment.

I can see increase the time interval - every second is a bit much.  Wouldn't 10 be ok?

If you do the math, it does add up to a bit of Bytes per month.  Looking a 15 second capture (30 packets) I show 2340 bytes x 4 = per minute x 60 = per hour x 24 = per day x 30 = per month.  Your looking at 404MBytes per month..  And for me it also checks my ipv6 tunnel gateway so x2 your looking at 808MB per month..

I love the graphs and yes they can be handy for seeing when there was an issue, etc.  So I would never turn it off - but changing it to every 10 seconds seems like a nice compromise.

It's a known issue that the X buttons are broken in IE. It's one of many AJAX scripts that IE hates.

For sure the new SMP-pf will be totally a big change. I achieve around 1.8 Gbps with a Dell 2850 and 2 quad nic. The secret rely in BGP, this is how you stop a DDoS. If 100 machines sends 1 Gbps, you have to tell your ISP through BGP to not send you the traffic of these 100 machines and it's free… as long as you have BGP. But, I think that pfsense could block many DDoS and easily scale horizontally with many pfsense machines. If they choke at 2 Gbps, then you put 5 machines at 2 gbps fully load-balance. You will then have 10 gbps around. I am sure they can achieve much more than that per machine.

I used the generator. At first it wouldn't connect and pfSense couldn't get a DHCP IP for the WAN interface. I left it overnight and it was working the next day. Sadly, after restarting the pfSense router, it won't connect again so I'm back to the Sky router for the moment…

@Nobbie:

More information required.

Are the G729 extensions at the same location as the GSM ones?
Are the ports forwarded to the PBX on that network?
Are the G729 extensions able to register?
Are you able to make any calls successfully at all then lose two-way communication after a certain number of minutes?

P.S. Did you make sure you have UDP ports forwarded and not TCP?

Other thing, now is not only with g729…

All that you say are ok but i had to make some capture on the PBX and i can see the problem though that is too rarely, because i can see the extension registered with the wan ip but the traffic rtp is through private ip.
I have a simetric dsl with a static ip but the others places have a adsl connections to internet, they have nat configured on the routers, i tried to open all of ports and create a dmz but anything.
I made others test with a client sip by internet on a cell phone and works ok but in adsl or cable modem not work.

My configuration in pfsense
My LAN is 10.10.0.0/24
WAN 201.204.13.xx

i already open 5060 (sip) udp, 10000 - 20000 udp (rpt)
I see in the PBX
Sip registered with the wan ip 201.203.xxx.xxx but rtp through 192.168.1.2 (This is the private network configured in the adsl)

why i see the private ip on the wan interface? and why my elastix registered the extension with the public ip and send the traffic rtp through the private network?

ok, I will get latest snapshot - thanks.

Actually you might have had a stale state in the state table from before the apply took effect, and resetting the states may have been enough to make it live.

A reboot would have the same result though.

It might help to disable any PXE or network boot options in the BIOS, then it may not attempt to use the card so soon and it may have a better chance of success.

Also you can try:

ifconfig em0 down; sleep 5; ifconfig em0 up

And if that successfully brings it up, put that in a shellcmd (with the full paths to the commands, of course…)

If your trying to use the url from that mysql thread - its changed.. You would pull 8.1 stuff from archive now.

http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/ports/i386/packages-8.1-release/All/

Why not just put slaves in each segment, or tell the clients where the NIS is so that they don't have to broadcast for it?

Forwarding broadcasts kind of defeats one of the reasons for a broadcast domain, or segment ;)

Hmm.
Define 'different locations'.
If you mean completely separate places with no internal connection between them you can't have a failover scenario because it would require the VPN connection, which would also fail.
You have just two VMs, C and D, in one of those locations?

Steve

When you have an unclean shut down (yank the power cord, kernel panic), the disk will be dirty and fsck will run to fix it. That's not related, just normal after a kernel panic.

Don't know why but NOW IT WORKS!  :o

What i've done:

-debug.pfftpproxy was = 0 by default, ftp doesn't worked so i set to 1
-so i set debug.pfftpproxy = 1 but it doesn't worked and i wrote this post…
-now i tried to go back to debug.pfftpproxy = 1 and ftp works!!!  ::)

Thanks for you help...

I only have about 10 DHCP leases. When I go to Status -> DHCP Lease, I see that my IP camera sometimes the "online" status is OFFLINE, but "lease type" is ACTIVE. But I am pretty sure my camera is online, coz I can use my browser to connect to the camera just fine. I am not sure how pfsense determine if it's offline, and if it only refresh the DHCP lease list every few minutes. Also, if this is the reason that pfsense thinks my ip camera is offline and release the IP lease.

I turned off the logging from writing to disk, because I had memory issue. I just turned it back on, will monitor why my IP changes.