I removed the manually added aliases before doing the upgrade.

I did the upgrade in other box and I didn't have the same problem.

It seems my problem was due to problems in the boot script of pfSense solved checking the boot log and php_errors of the boot log as you could see on this post:
http://forum.pfsense.org/index.php/topic,43766.msg226677.html#msg226677

What is the IP address and network mask on the pfSense WAN interface?
What is the IP address and network mask on the pfSense LAN interface?

nanobsd has some limitations due read-only file-system and sd cards are not so fast.

Soft updates are really good for performance.

It's up to you. It will depend on packages you have installed.

Read about soft-updates. I think it is better then ssd cards.

Unless you are using this as a transparent firewall you need to have you WAN and LAN interfaces in different subnets. E.g.
WAN: 192.168.1.100/24
LAN: 192.168.2.1/24

Steve

Ok, I can understand that.  :)
So I would do this in three steps.
1. Record the MAC of each of your clients routers either directly from the device or by looking at the DHCP lease table and then configure each one to static lease.

2. Add alias IPs to your WAN interface for each of your public IPs. Configure 1:1 NAT with each of the aliases to a clients private IP.
Good video tutorial for this step here: http://www.youtube.com/watch?v=zrBr0N0WrTY

3. Create limiters for each client and configure firewall rules to direct traffic through them.

If you want to hand public IP addresses to your clients boxes directly you can do that by disabling NAT entirely but that's beyond my experience.
http://doc.pfsense.org/index.php/How_can_I_use_public_IP%27s_on_the_LAN%3F

Steve

This post has helped:

http://forum.pfsense.org/index.php/topic,43983.msg228156.html#msg228156

I still don't have it working but I think I'm really close.

I swapped OPT and LAN with each other.  They now have different roles.

I now have interfaces:

OPT type=none (no IP)
WAN type=none (no IP)
BRIDGE type=none (no IP)
LAN_ADMIN type=static.  IP 192.168.0.100

OPT and WAN are bridged

LAN_ADMIN is working and its used to access the pfSense webGUI.

I have no gateway defined.

I have rules set to pass everything on WAN and OPT.

This is similar to how I've configured transparently bridged OpenBSD firewalls in the past.  The two interfaces and the bridge didn't need IPs.

Well after searching I've ran across this thread about how to setup FTP on 2.0, just needing some help.

I've setup a NAT: Port Forward on 20-21 to my internal ftp server 20-21

I've setup Filezilla in Active mode, I've tried passive as well but no luck.

Under Advanced -> Firewall/Nat -> I have only the first 2 boxes checked, i've tried mutiple options here as well.

I've also tried changing the system tunables to 1 like the above posts.

Anyways I'm lost, can anyone offer any suggestions on what else to try? Thanks!

I could see RRD data files getting that large for that kind of deployment. If you want to graph that kind of data, you can enable the SNMP service and then use an external poller such as Cacti or Zabbix to graph.

Also - What did you see missing on the features list? I just looked at it, and it mentioned 2.0 and I saw a few 2.0-specific items in the list, but I didn't go over it extensively.

@tech6:

how try a smaller Kb size and see if that helps. you mind if i ask u how many users are u trying to limit i don't use captive portal at all to limit same with traffic shaper i use the limiter and that works well for i limit ever users on my network if need be as well some services and servers, u should try the limiter and see if that works out better for you.

Thank for your reply, peak time around 900 concurrent and the average it's about 400. It seems hard to understand about traffic shapper in pfsense. Would you mind to advise, what step i should to, i would like to
1.limit bandwidth every pcs in my LAN to 10Mbps to some destination (x.x.x.x)
2.limit bandwidth every pcs in my LAN to 128kbps to all destination beside (x.x.x.x)

Appreciated if you can advise

would not expect the mac os to operate any different for web browsing.

I have leopards and lions behind my pfs with no issues.

check the dns settings on them vs. the windows dns settings but I would guess they all use the same DHCP server and gateways?

I completely reconfigured everything and jumbled up the interfaces. I moved opt 1 to wan I moved wan to opt 1 and I reconfigured opt3 as opt3. I reconfigured the gateway load balance and rules. Now opt3, which is a different internet connection, is not alowing full ftp passthrough with ftp helper. The wan and opt1 interfaces work fine. I now think this is a bug with the ftp helper, but don't know what other information I should collect to report it.

@jimp:

Sounds like this:

http://redmine.pfsense.org/issues/1572

It's been fixed in 2.0.1 (pending release) and 2.1.
https://github.com/bsdperimeter/pfsense/commit/0389f03498994dbdaf47543a325b58d14b1cdbab

Thanks for the heads up on this fix. I applied this fix manually and now I am able to spoof without it going into a loop. Thanks!!

yes, both has sync options.

@waiyan.pickme:

Hello everyone ….
I used pfSense as gateway and connected 18 clients over switch .... no package installed ... pfSense 2.0 (release) (i386) ... Unfortunately since start using of pfSense, the client computer's network become unplugged randomly .... I don't know why ... is that because of pfSense .. ? Is there any options to solve that ... ? When client became unplugged, it can't reconnect by unplug the cable and replug it .... It has to shutdown and also need to close UPS ... (no power to client computer) and then it back again .... I don't know how to solve and that's the main major problem for me ......

P.S --- I already changed switch but it's still happen like that .......

**ံHello everyone, sorry that it's take too long to respond …. ,
I've got an answer and now everything working fine with pfSense except the pfSense pre-version (before released) was crashed once ...

The problem for network cable unplugged was because of Symantec Endpoint Protection Small Business Edition 11.0 .... I don't know the details but after reinstalling all computer with MS Essential and now everything fine ... but we found out the problem before that ....

Thanks for everyone who gave me the opinions .... I appreciate that ..... !!**   ;)

@jimp:

mdima - yes I got it, haven't had a chance to look it over in detail. I'm not familiar with that port/package so I'm not sure what options can really be used in it, probably best to keep that in a separate thread on here.

ok, sorry for the OT!

Use virtual IP to assign a second public IP address to the WAN. I don't know much about VIPs so I can't help you with the details.

Turn on advanced outbound NAT and you'll see a bunch of auto-generated NAT rules. For those sourced from the vlan, change the NAT address to the VIP.