This is what I mean the blocked shows the network ip and the wan ip but the pass only shows the ip of pfsense box how can I record the wan ip ? https://www.dropbox.com/s/gxgrxhp6ux11wvt/pfsense.jpg?dl=0

If you use OpenVPN, just the inbound port for your server on WAN (UDP/1194 by default). Then you must set firewall rules on the OpenVPN tab, which governs what connections from VPN clients the firewall will allow into it, but for a personal remote access firewall it's probably safe to just set it to IPv4 any.

Thanks for the reply. There is not really any reason why i have the ADSL router on the LAN, i was just testing pfsense on my current environment. Just out of curiosity, I was playing around with ZeroShell and it somehow routed the packets correct is there some way of configuring pfSense to "tag" the packets to return to the pfSense box? So to fix my current issue can i just change the IP address of the ADSL router to 192.168.11.8 and set the wan on pfSense to 192.168.11.10 or do i have to physically connect the ADSL router to the WAN port and make sure it is not physical on the same network as the lan?

@AhnHEL: You could also try disabling "State Killing On Gateway Failure" in System/Advanced/Miscellaneous within the GUI.  This should keep your VPN up when Apinger reports a Loss. Actually I found that this isn't a state clearing issue. When delay occurs: Mar 24 12:14:36 apinger: alarm canceled: AWAN(x.x.x.x) *** AWANdelay *** Mar 24 12:14:08 apinger: ALARM: AWAN(x.x.x.x) *** AWANdelay *** The firewall is RESTARTING services altogether! Mar 24 12:14:52 php-fpm[15338]: /rc.start_packages: Restarting/Starting all packages. Mar 24 12:14:51 check_reload_status: Starting packages Mar 24 12:14:51 php-fpm[15338]: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - -> 10.1.1.1 - Restarting packages. Mar 24 12:14:51 check_reload_status: Reloading filter Mar 24 12:14:51 php-fpm[15338]: /rc.newwanip: rc.newwanip: on (IP address: 10.1.1.1) (interface: []) (real interface: ovpns4). Mar 24 12:14:51 php-fpm[15338]: /rc.newwanip: rc.newwanip: Info: starting on ovpns4. Mar 24 12:14:50 check_reload_status: rc.newwanip starting ovpns4 Mar 24 12:14:50 kernel: ovpns4: link state changed to UP Mar 24 12:14:47 check_reload_status: Reloading filter Mar 24 12:14:47 kernel: ovpns4: link state changed to DOWN Mar 24 12:14:47 php-fpm[65238]: /rc.openvpn: OpenVPN: Resync server4 Remote Access VPN Mar 24 12:14:47 php-fpm[65238]: /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use AWAN. Mar 24 12:14:46 check_reload_status: Reloading filter Mar 24 12:14:46 check_reload_status: Restarting OpenVPN tunnels/interfaces Mar 24 12:14:46 check_reload_status: Restarting ipsec tunnels Mar 24 12:14:46 check_reload_status: updating dyndns AWAN Mar 24 12:14:33 nrpe[3162]: There's already an NRPE server running (PID 88503). Bailing out… Mar 24 12:14:33 nrpe[3162]: Starting up daemon Mar 24 12:14:31 php-fpm[25418]: /rc.filter_configure_sync: MONITOR: AWAN has high latency, omitting from routing group WAN1toWAN2 Mar 24 12:14:30 nrpe[73937]: There's already an NRPE server running (PID 88503). Bailing out… Mar 24 12:14:30 nrpe[73937]: Starting up daemon Mar 24 12:14:29 php-fpm[56975]: /rc.start_packages: [filer] filer_xmlrpc_sync.php is starting. Mar 24 12:14:29 php-fpm[56975]: /rc.start_packages: [filer] filer_xmlrpc_sync.php is starting. Mar 24 12:14:28 php-fpm[56975]: /rc.start_packages: Restarting/Starting all packages. Mar 24 12:14:27 check_reload_status: Starting packages Mar 24 12:14:27 php-fpm[39957]: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - -> 10.1.1.1 - Restarting packages. Mar 24 12:14:27 check_reload_status: Reloading filter Mar 24 12:14:27 php-fpm[39957]: /rc.newwanip: rc.newwanip: on (IP address: 10.1.1.1) (interface: []) (real interface: ovpns4). Mar 24 12:14:27 php-fpm[39957]: /rc.newwanip: rc.newwanip: Info: starting on ovpns4. Mar 24 12:14:26 check_reload_status: rc.newwanip starting ovpns4 Mar 24 12:14:26 kernel: ovpns4: link state changed to UP Mar 24 12:14:21 php-fpm[34202]: /rc.filter_configure_sync: MONITOR: AWAN has high latency, omitting from routing group WAN1toWAN2 Mar 24 12:14:20 php-fpm[25418]: /rc.openvpn: MONITOR: AWAN has high latency, omitting from routing group WAN1toWAN2 Mar 24 12:14:20 check_reload_status: Reloading filter Mar 24 12:14:20 kernel: ovpns4: link state changed to DOWN Mar 24 12:14:20 php-fpm[25418]: /rc.openvpn: MONITOR: AWAN has high latency, omitting from routing group WAN1toWAN2 Mar 24 12:14:20 php-fpm[25418]: /rc.openvpn: MONITOR: AWAN has high latency, omitting from routing group WAN1toWAN2 Mar 24 12:14:20 php-fpm[25418]: /rc.openvpn: OpenVPN: Resync server4 Remote Access VPN Mar 24 12:14:20 php-fpm[25418]: /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use AWAN. Mar 24 12:14:20 php-fpm[25418]: /rc.dyndns.update: MONITOR: AWAN has high latency, omitting from routing group WAN1toWAN2 Mar 24 12:14:19 check_reload_status: Reloading filter Mar 24 12:14:19 check_reload_status: Restarting OpenVPN tunnels/interfaces Mar 24 12:14:19 check_reload_status: Restarting ipsec tunnels Mar 24 12:14:19 check_reload_status: updating dyndns AWAN I know I need to educate myself on the traffic shaper in PFSense, however, it seems to me that services shouldn't be restarted just because apinger detects delay or removes a gateway from a group.  And I do currently have state killing disabled.

https://redmine.pfsense.org/issues/4276 https://redmine.pfsense.org/issues/4326 https://redmine.pfsense.org/issues/4405 https://redmine.pfsense.org/issues/4524 https://redmine.pfsense.org/issues/4529 most of those won't be an issue but 4276 will if you plan to use L7 on 2.2.x

Hi, Thanks for your replies Guys.. My Notebook Interface is 1Gb, so it's running ok (so far).. I prefer to have all the VLANS Tagged and disable untagged traffic on the port  that connects to the Notebook (PFSense Box). so only tagged traffic is sent from the switch to the notebook, basically I'm using 3 interfaces on the switch, 1 belongs to the LAN Vlan and connected to another non managed switch, another port connects to the ISP and it belongs to the WAN Vlan and the 3rd port is connected to the notebook as a trunk that accepts only tagged traffic and it only has 2 Vlans (WAN & LAN). So far it is working OK, but please if you hear or read of a possible flaw when using VLANS appreciate your advice. Cheers  :)

I was hoping for a nicely formatted display similar to the arp table webpage. Anyways cleaned it up a bit to make it easier to read. arp -a | awk '{print $1""$2""$4}' | sed 's/_/ /g Thanks.

Figured it out : we had smtp notification enabled and the SMTP server configured was not accessible in this test setup. pfSense was always trying to warn about the main gateway being down. When I disabled notifiaction, I was able to open the rule edit page without any delay. The most useful thing that I learned is that the php errors are logged in /var/log/system.log (on my system at least). Once you see the error, it is easier to fix. Thanks for the help !

And what is the AP connection to pfsense - are you directly connected to nic in pfsense or switch?  If only 1 machine goes to shit while others are fine, then it sure not a mismatch on the duplex wired connection, etc. The high ping times could be something wrong with the wifi.  Something wrong with the laptop, etc.  Run a sniff what kind of traffic you seeing? Sniffing on the pfsense nic connected to the AP should tell you what kind of stuff its seeing.  Is there a broadcast flooding going on, is someone running p2p..  Did pfsense see the icmp and really take 500 ms to put it back on the wire? etc. etc..

Weird…..after a reboot, I lost my HAVP group setting again......

Try running a packet capture on the WAN. Look for the DHCP requests from pfSense and the replies from the upstream DHCP server. Try putting some other DHCP server connected to the pfSense WAN (the e4200 perhaps) does it receive an address then? Steve

pfSense is FreeBSD, not Linux. Since it is a Dell server chassis it should have a DRAC card. Maybe and maybe not.  It's an option, and it has licensed features.  The basic DRAC was quite limited, if I remember correctly. but the speed of the network is not as it once was. Do you mean Internet access is slow, or client to client on the LAN is slow? My big question is "How can I check the server for any hardware problems?" There should be a status LED on the front panel that will turn orange or red or flash if there is a problem.

shouldn't this work? http://answers.splunk.com/answers/142652/how-to-get-splunk-to-work-with-freebsd-10.html

Your drive seems dead. Post some information about the HW.

Well, this is odd. Second SSD is now complaining the same as the first. Both SSDs used to sit in my NAS (ZFS) as cache drives so either they both got porked while in there or this motherboard is killing them or psSense is killing them. Both SSDs are 4 years old (found the invoice, was hoping on warranty). Guess a new on is needed and will see from there. pfSense is still running so no rebooting until spare drive arrives…