Have the same problem as dustybin - cannot telnet to bridged modem behind pfSense.
Important: my ISP doen't use PPPoE or PPTP, so my WAN interface is just static public IP, let say 84.x.x.x.

Picture showing complete network configuration is in the attachment.

So obviously to access modem management interface (192.168.1.1), I have to assign two IPs on WAN interface of pfSense: public (84.x.x.x) and the one from modem's subnet (f.e. 192.168.1.2).

If I go straightforward and assign 192.168.1.2 as IP alias:
ifconfig rl1 192.168.1.2/24 alias

then I run into the same problems as were described by dustybin:
…when i click on google, the first time i click, firefox waits... then the second time i click it comes up, its the same with every website i visit, sometimes you need to click them lots of times before the page appears.

I've played around Virtual IPs instead ifconfig alias, however had no success at all.

I'm using AON, as suggested by ermal, however, I believe it will not solve the problem itself, as you will need two IPs on single WAN interface anyway, and this is the main problem.

Any help will be greatly appreciated.

NetLayout.gif
NetLayout.gif_thumb

There is a bounty for a Central Management Interface http://forum.pfsense.org/index.php/topic,7949.0.html

Best would be to update to 1.2.1-RC3 http://www.pfsense.org/mirror.php?section=updates
2nd best a direct link http://portsmon.freebsd.org/portoverview.py?category=&portname=mc&wildcard=

I use snmp now (cacti) but will only show me the in/out trafic at 5m intervils.

It wont say this month you transfered 35gb.

Any entries in the log about blocked connections or failed authentication?

If you have your console open to access you have risk of people booting from other media and getting rid of any protection anyway, but there is an option under system > advanced to disable that console access.

P.S. Even on Cisco hardware, you can always get into a router with a password on it by telling it to ignore the config on boot up. They added a no service password recovery option to still require the password, but you can still interrupt the boot earlier to get past that.

What OS is your web server running.  I'm guessing Server 2003??  Ensure that under directory security on that website you have the correct information for anonymous access.  Make sure that no other check boxes are marked.

1: Well it depends on your setup.
If your client can handle oversized frames you should not have to change the MTU.
If the driver of your em-NIC's cannot handle oversized frames, you would have to change the MTU on the other side of the link, so no oversized frames arrive at your end.

2: The problem is, that VLAN-tags add 4bytes to every frame.
–> frames can become bigger than the allowed maximum.

Most drivers can handle this, but some have problems.

I am happy to hear that. Welcome back :-)

Hi,

Works for me pretty well. I'm running 2.0-AA tho…

cheers,

I was trying to do the same but cant find rsh: /usr/bin/rsh: Command not found.

How can I install rsh?

cconk01
Do the modems get static IP's?
No, dhcp , from isp
WAN has other adress IP,88.83.x.x dynamic adress (public adress)
the LAN side of modem is typically static and usually is 'builtin' 192.168.254.254

ampwifi
Great ide with extra hop/gateway (linksys) though excessive amount of extra material.
The bridge balancing sounds sound enough -though not really acquinted to it - so it's just a pool of mac -adress You can send through
like 'smart vektor routing stuff ? ' - must read more about it later :

http://doc.pfsense.org/images/d/d0/MultiWanInterfaceWAN2.png

http://doc.pfsense.org/index.php/Image:MultWanRouterBridge1.png

Thank You all for Your reply :)
Regards
Tom-Pele

PFSense just has some awesome developers.  If you want to say thanks, donate to the project…it lets the people who do the real heavy lifting keep making pfsense even better.

What are you trying to say us?

my issue is rather different, I corrected it in config.xml but it still does not work (I can not apply any changes through web-interface). This box is located far away - so I was stupid doing that, I am screwed up now -(

So in a diagram:

internet
                ¦
                ¦
                ¦
            (WAN) - public IP
          modem
            (LAN) - 192.168.0.1
                ¦
                ¦
                ¦
            (WAN) - 192.168.0.2/24
          pfSense
            (LAN) - 172.16.0.1/24
                ¦
                ¦
            clients

You want to access the modem on 192.168.0.1.
You should just be able to type this IP in the webbrowser and it should work.