okay, you want to setup a transparent firewall, this would mean a bridge.  If you have both WAN and LAN enabled, it should at least get a link. Sometimes, you have to set speed and duplex manually. I would check on this with the existing setup. Once you have completed that, then you can move on to setting up the WAN/LAN bridge. Since it will be a bridge, you are going to have to manually set an IP on LAN, without dhcp turned on. You will also have to set some system tuneables in the advanced config.

If you are just try to setup a NATed or routed solution, then you just have to work out that pesky link problem. As a test, put in a 4 port switch between the router and pfsense and see if you can get a connection.

see captive portal

Have a look at pfBlocker from the Packages, that should help:
http://forum.pfsense.org/index.php/topic,42543.0.html

If drivers are an issue, you're probably stuck as you'd need an entire new base OS, which entails a LOT of work. If you haven't already, try 2.1 to see if that's better with your hardware. If you need something newer than that, you're in for a lot of work or stuck. If you can back port drivers to an 8.1 or 8.3 base, and compile your own kernel with all our kernel patches applied to the source, that's easier to do manually and replace the kernel than to run through an entire build.

I suspect you don't have a good physical connection between the switch and pfSense LAN interface - perhaps a broken cable or one end is not completely plugged into the socket. Please post the output of the pfSense shell command```

ifconfig re0 @jhilgeman: > In /var/log/dhcpd.log, I see the normal startup info, and hten on the last few lines: > > Listening on BPF/re0/<mac>/192.168.1.0/24 > Sending on BPF/re0/<mac>/192.168.1.0/24 > Sending on Socket/fallback/fallback-net > > Nothing else.</mac></mac> The DHCP server is not seeing DHCP requests from the client. @jhilgeman: > When I ping, I -was- getting something about sendto: No host found" or something like that, I think, but when I do it now, I'm getting: > > sendto: No buffer space available PERHAPS the LAN interface transmit buffers are full with ARP requests waiting for the interface to report it has seen carrier from a switch or another NIC. It could also be the re driver doesn't correctly work with your particular NIC which is apparently a fairly new variant.

I use CARP VIPs for 2 reasons. It is better than ProxyARP in some ways, and in the future, I can setup clustering without have to redo IP alias or ProxyARP. If you are never going to cluster, then IP alias VIPs would be the way to go IMO. Once you have the VIP setup, then you can setup NAT and the rules. There is 1:1 NAT or port mapping. port mapping allows for potentially more internal servers as you can put different ports on different servers. There is a book and a document repo that you can use to help you with the setup.

Thanks wallabybob and stephenw10. The issue is resolved by updating the following in System Tunables:

Change net.link.bridge.pfil_member to 0
Change net.link.bridge.pfil_bridge to 1

It would seem if I didn't change these, I'd need to set up rules to allow LAN "subnet" to access WLAN "subnet" and vice versa? Both interfaces are set as "None" and they both are essentially on the same subnet. I think I did set up such rule for WLAN interface to access LAN but that didn't work. I'm just curious if there's a way to get this to work if I choose to keep bridge filtering.

Yes, the entire crash report is needed, or at least the first bit.

Actually if you submitted the crash report in the GUI, and if you let me know your IP and the approximate time of the crash I can pull the crash report data from our servers and look at it directly.

The first thing you need to check is if your switches support 802.1Q or Vlan Trunking/Tagging. If they don't support that you can't use vlans for your setup. You can also check if your NIC on pfsense supports 802.1Q. If it does and your switch supports is as well, then you could move into planning on how to set it up.

The security vulnerability with Voip on the same network as computers is that someone could eavesdrop on the phonecalls if they are connected to the same network. It won't affect your hardware.

Thanks for your information. :D

Thanks for the update. Hopefully someone w/ some weight will see the requests and think twice before making the app off limits to the Masses. Or al least miss out on all the beta testing help.

Moxie…...78-)

Probably. It depends on what type of VPN your server is using.

http://doc.pfsense.org/index.php/VPN_Capability_Overview

Steve

What type of link is there between your pfSense box: DHCP? PPPoE? something else?

It is possible you will need to change the authentication information related to the WAN link in your pfSense box.

Do you know the IP address on which to access the web GUI of the pfSense box? Do you know the userID and password to login there?

I'm now getting hit with this every 5th minute in my inbox:

Traceback (most recent call last):
  File "/usr/local/bin/graph.py", line 480, in <module>GenerateInterfaceGraph()
  File "/usr/local/bin/graph.py", line 135, in GenerateInterfaceGraph
    'GPRINT:global_tot_tx:ca. %5.1lf%s Total\l'
rrdtool.error: Could not save png to '/tmp/graph/if-[myNIChere]-1h.png'</module>

I'm starting to lean towards a backup and then a fresh reinstall. Thoughts?

have a look at ntop