it depends on whom initiated the SYN

Sure- Off to a service call I go…    :)

I have just discovered this in my Belkin node (not to give it a type of network device, as I find that just A confuses you the most lol). But I came across this when using my Belkin router (as a router as it where). In connection type (ultimately what would be for the Internet right?) Usually when I go for virgin media's connection it will always be dynamic, but wouldnt it be static if it was using the dhcp server from my new gateway with pf sense controlling it? Therefore, if I go into that and set these: To enter your Static IP settings, type in your information below and click "Apply changes". More Info IP Address > . . . Subnet Mask > . . . ISP Gateway Address > What would I put in the above fields? Might just work, if I think about this logically. Just wanted to give this at least 1 more stab just to see if I can get this working, dont want to fork out extra money and find out I could have done this with what I already have, save some money so to speak. Any helps appreciated. Jeremy

@jimp: You could always install the shellcmd package and put a shellcmd in that runs the command you want, then it would happen at bootup. Not "easy", but the answer I was looking fore. Thanks

The needed libraries and binaries should be on 2.0 for handling ZFS. I haven't tried it, but the experimental web installer (for 2.1+) is on the system and can create ZFS filesystems last I heard.

@wallabybob: @jahonix: It is never a good idea to use tagged and untagged traffic on the same IF. I support this comment. I think there are a number of possible ambiguities in mixing tagged and untagged traffic on the same interface. ….... Also, the bridge man page says bridge member interfaces need to have the same MTU. I haven't looked into this, but its possible your VLAN2 interface will have an MTU 4 bytes less than the LAN interface MTU (to account for the 4 byte VLAN tag). Thanks for the link I have read the page and have a much better understanding of how pfsense bridges now. As you say it's a bad idea to mix tagged and non tagged on the same IF so as I said a few posts ago I did try adding an extra nic with the same result….. That does leave the MTU that could be the reason so I will have to research it! Thanks for the tip!

ok thanks…..then i have to wait for a stable release of pfsense 2

Thank you very much

Thank's for your posts!

My bad, it's 1.2.3. The WAN interface did indeed have an IP/netmask/gateway and DNS servers.  I found out what the problem was, though - my dad said he "didn't like" that the "numbers" (IP addresses) weren't the same as the old router, and changed the LAN and wireless interfaces to the same IP/netmask. Problem solved, password changed. ::)

I think I get what you are saying here.  So i just move the wireless routers to 192.168.2.0/24 so all of the clients that connect see that subnet.  I setup the CP for that subnet only and everyone who comes in on it gets redirected to the portal….right?  But the trusted clients I can somehow have them passthrough the firewall by MAC or IP (i'd rather do mac). Now the hard part.  i'll bumbble around and see about setting up the passthrough thing.  As for the new subnet...do I need to change the mask for EVERYONE on the whole network to 255.255.254.0 to allow for that new range? or do I go to 255.255.0.0?  As I said earlier, I'm not a network guy...sorry for the dumb question.

Sorry guys, my fault. Works fine. Next time I shouldn't be so quick to post a thread like this without testing it outside of the network itself first. ;o

Likely the RRD graphs.

This limitation should no longer be present in the pfSense 2.0 beta snapshots. Give them a try.

@Cry: Presumably it's specific to your ISP since it if was specific to pfSense this forum would have been flooded with other posts (and I wouldn't have been online for a long time). Could well be - I use Time Warner cable with a dynamic IP. At work I have Time Warner with a static IP and have had no issue. The cron job seems to have fixed the problem for me and others. I'd be glad to provide more details to anyone interested in looking into/correcting the issue.

I suspect you'll need 4 - 3 for WAN and one for LAN. VIPs is what you're looking for regarding multiple WAN IP addresses.

4 mbp/s connection? Tell them to tether their phone on 4g, or even 3g.

You can script that with wget. Some searching here will find scripts and other examples.

subnetmask.info is a useful site, you tell it how many nodes you need and the base network and it will tell you what subnet mask and other stuff you need.