@jyavenard:

however "Other" only let met define one IP address; no netmask nothing …

Just for completeness, I'll point out I found it possible to add multiple "Other" Virtual IP addresses but had to do so one address at a time.

Concerning sipproxyd, in case you meant siproxd, siproxd works fine for me on pfSense 1.2.3 RELEASE provided I use suitable VOIP applications. More details at http://forum.pfsense.org/index.php/topic,18204.0.html. The siproxd maintainers might be interested in some more details of the problem you had.

That just shows you how little I know  ::)

Any recommendations on how big I should go?

Thanks for the links.

http://www.myupload.dk/showfile/42464048989.zip/
http://pfsense.comuf.com/packages/All/wink-pfsense-theme.zip

You really do not need the NIC. It is all depend in the bottleneck is located.  Just like cry havok said the best answer to that is "maybe".

Thanks Jim.

There isn't much documentation, because it's an undocumented (and sort of unsupported) feature :)

There is a shellcmd package that you can install to add more commands. They are, as the name implies, shell commands. Only real trick to them is you'd likely need to give the full path to a command.

Alright Ill give that a go and let you know.  Thanks!

I enabled DHCP and in the rules field only passed PPPOE for source and Destination, and enabled everything under the PPPOE field in rules, and it's working fine.

Thanks Jimp.

If lan and wan interface same subnets (e.g:1.1.1.1/24) , problem is.
I could not find a solution  ???

@futurecis:

Unfortunately, my circumstances will not allow me to do it this way. I am not just hosting webservers. I have to be able to host email, web, and several other applications/services.

For example, if I have abc.com and xyz.net, i need to be able to have PF support both domains as well as all sub-domains associated with them. I can point my registrar to my one public facing IP so all internet traffic to both domains would come to my IP. However, I need the ability to control where traffic for each domain will go once it gets to me. At this point, I do not see how PF can handle that since it only supports one domain handle.

I don't know specifically about pfSense (and I already hear about people wondering why do you answer then…)

I'm assuming that you have the typical setup where when you connect to your ISP , you get a single IP address and they then route a subnet to you.

Say you connect, you get allocated 210.210.210.1 ; the subnet being routed to you is:
58.179.125.1/28 (14 usable IPs)

create an alias on a network card (either the one on the WAN, or one that isn't your LAN)
ifconfig alias xl0 58.179.125.2 netmask 255.255.255.255
ifconfig alias xl0 58.179.125.3 netmask 255.255.255.255
ifconfig alias xl0 58.179.125.3 netmask 255.255.255.255
etc... for all 14

Then you create a static NAT from 58.179.125.2 -> LAN 192.168.0.30
natd.conf would contain:
redirect_address 192.168.0.30 58.179.125.2

the default gateway of 192.168.0.30 is the LAN address of the gateway of course.

That's it.

Now if you can do that in pf web interface, I'm all for it ; because that's precisely what I will be looking at doing ..

Cheers
Jean-Yves

@wallabybob:

I don't have anything like your complexity to deal with. My pfSense box acts as DHCP server on LAN interface, Wireless LAN interface (bridged to LAN) and OPTx interface (links to local server on separate network from family PC's and accessible from the internet). It also acts as DHCP client on WAN interface (connects to ISP). Other contributors to these forums seem to be able to use PPPoE. Don't know why you think pfSense doesn't support DHCP or PPPoE. Was there something particular in the FAQ that suggested that?

Hi.

From there:
http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Itemid=43

(the main feature page)
"Only works with static public IPs, does not work with DHCP, PPPoE, PPTP, or BigPond type WANs (will be resolved in a future release)"

Ahh, I see what my mistake was… I read too fast, this is for "redundancy" only :)

I don't think that is something that would be easy to do, and even if it was, it probably isn't cheap enough to be worth it, especially if the computer already has its own power supply.

By the way, there are packages available for the NanoBSD builds, and I think squid may have been one of them.

That is normal, on mine one light is one even with a cable unplugged. Not quite sure what that is supposed to indicate. They both blink with activity.

Those options might be useful on a multi-user system, but on pfSense most everything runs as root anyhow, and you're logging in as either root or admin, which is just an alternate account for root. There are no other users.

As for OpenVPN, the user rights don't matter much, again, because everything else is running as root. If it's commented out, it's likely because something broke with that enabled, but feel free to try it again and see if it works.

is your service Business Class or Residential?  I have BC and when I have had problems in the past they sent a tech out the same day.  also, when you are having problems, log into your modem's diagnostic page and record things like upstream power, downstream power, signal to noise ratio and everything in the log area.  it also helps if you have something like PingPlotter running pinging your first comcast hop.  now with all this information at hand, call tech support every time your service is down and give them all the information you have collected.  keep track of who you talked to, the tracking number and the date and time of the call.  if the problem persists,  ask to have your problem kicked up to the next level.  if all that fails, ask to speak to a supervisor.  if that fails, call and ask to speak to a customer retention rep.  if you still can't get the problem resolved, it's time to switch providers.  all this works MUCH FASTER if you have Business Class Service!

Good luck!

Roy…

@sullrich:

These types of responses really pain me.

Sure! ;) @sullrich:

How much money have you saved by using pfSense

You'll not believe – nothing (zero, nada). @sullrich:

and you cannot afford to purchase the book

Absolutely! Just because

a summ of book and delivery prices is about to a 1/5 of my monthly income from a place where I currently tests a pfSense and I din't like books when a ten or twenty of manpages are enough (and that's a well-known "good form" in an OSS world when a books exists simultaneously to a "base" documentation)

In case anyone comes along later with a similar issue, I fixed this.

I switched the WAN interface from the onboard Broadcom to one of the PCI Intel slots.

I don't know why:

1. I was able to get good speeds directly to the pfSense.

2. Why otherwise good ethernet cards had a problem with my WAN router's interface.

Regardless, it works, so I don't care.  If anyone has an issue like this: Try another brand of NIC.

Thanks.