Those options might be useful on a multi-user system, but on pfSense most everything runs as root anyhow, and you're logging in as either root or admin, which is just an alternate account for root. There are no other users.

As for OpenVPN, the user rights don't matter much, again, because everything else is running as root. If it's commented out, it's likely because something broke with that enabled, but feel free to try it again and see if it works.

is your service Business Class or Residential?  I have BC and when I have had problems in the past they sent a tech out the same day.  also, when you are having problems, log into your modem's diagnostic page and record things like upstream power, downstream power, signal to noise ratio and everything in the log area.  it also helps if you have something like PingPlotter running pinging your first comcast hop.  now with all this information at hand, call tech support every time your service is down and give them all the information you have collected.  keep track of who you talked to, the tracking number and the date and time of the call.  if the problem persists,  ask to have your problem kicked up to the next level.  if all that fails, ask to speak to a supervisor.  if that fails, call and ask to speak to a customer retention rep.  if you still can't get the problem resolved, it's time to switch providers.  all this works MUCH FASTER if you have Business Class Service!

Good luck!

Roy…

@sullrich:

These types of responses really pain me.

Sure! ;) @sullrich:

How much money have you saved by using pfSense

You'll not believe – nothing (zero, nada). @sullrich:

and you cannot afford to purchase the book

Absolutely! Just because

a summ of book and delivery prices is about to a 1/5 of my monthly income from a place where I currently tests a pfSense and I din't like books when a ten or twenty of manpages are enough (and that's a well-known "good form" in an OSS world when a books exists simultaneously to a "base" documentation)

In case anyone comes along later with a similar issue, I fixed this.

I switched the WAN interface from the onboard Broadcom to one of the PCI Intel slots.

I don't know why:

1. I was able to get good speeds directly to the pfSense.

2. Why otherwise good ethernet cards had a problem with my WAN router's interface.

Regardless, it works, so I don't care.  If anyone has an issue like this: Try another brand of NIC.

Thanks.

Can you be more specific?  sftp and ssh to outside hosts?  Totally slow, or just initially?  Or… ???

That isn't logged. The last changes are logged (See the configuration history under Diagnostics > Backup/Restore, Config History tab)  but on 1.2.3 the WebGUI doesn't have a real login procedure, just basic HTTP auth which is handled by the browser, so technically every page load is a "login".

2.0 will be much better in this regard.

You can't really have multiple subnets on the same "LAN" in that sense on pfSense 1.2.3, so I'm not sure what you are trying to do is possible.

Even so, the first step would need to be using your AD server as the DHCP server and letting it hand out the IPs as appropriate, assuming it has some way to do that based on login.

Just to follow up in case anyone else ever has a similar problem:  I added a static route, thusly:

Interface  Network  Gateway  Description

WAN 216.251.231.64/32 (our gateway) Palmetto

and now my users can reach the Palmetto website.  This static route is the same as the default route, so I don't really understand why it's necessary… but it works.

@GruensFroeschli:

Yes to all questions.

I did upload my monowall config . A tip for anyone reading this .
In my m0nowall config I had a configuration partly setup for ipsec and a vpn  but the service was disabled.  Pfsense would not load the filters because of this and displayed an error. I manually removed theses settings from the config file and reloaded it. That seems to have done the trick.

That's to bad.  was hoping that might be possible.  Anyway, thanks for the replies!

Roy…

Line 39 of /etc/rc

if [ "$PLATFORM" = "pfSense" ]; then mdmfs -S -M -s 4m md /var/run fi

BUMP!

Must have just been a fluke as I have powered on/off again a couple of times and it comes up correctly now.  It's all good.

Thanks!

I figured this out myself. I had a hunch that reapplying the 1.2.3 full update would fix any missing files and this seems to be the case. /usr/local/etc is full of files now and no errors on starting services and the reboot worked without a hitch.