Have you looked at Dell PowerConnect?  Can get 24-port, Gb, layer 3 switches for under $2k.
Have older 6224 running on SAN duty for over two years with no problems.

http://www.dell.com/us/business/p/powerconnect-6200-series/pd?refid=powerconnect-6200-series&baynote_bnrank=0&baynote_irrank=0&~ck=baynoteSearch&isredir=true

Vince

Happy to help.
For the benefit of other readers - if an interface has a gateway set, then pfSense by default assumes it is a WAN-style interface, a pathway to the public internet, so things like automatic outbound NAT are done on those interfaces to translate LAN IPs into WAN IPs suitable for the public internet.
If you have a LAN like this OPT1 that is just a local subnet with a gateway to other internal networks, then you do not have to set that internal gateway as the actual gateway on the interface settings. You can just add a gateway in System->Routing and then add static route/s telling pfSense what internal networks are reached through that gateway. Then pfSense will understand that it is not a gateway out to the public internet in general.

Can you provide a topology?  It sounds like you have Internet <> Router 1 <> pfsense

If this is correct, have you set port forwards on Router 1?  If not, you need to forward these ports to the IP address of the WAN interface on pfSense.

Have you in some way proved the connection to be good? Somehow removed pfSense from the link and tested?
Speedtest.net is not a good test because it uses multiple connections to maximise the throughput.
Try simply downloading a laarge file from a known good source. I have no idea where you are so I can't recommend one but I use the Thinkbroadband test files at http://www.thinkbroadband.com/download.html here in the UK. If it's still limited at your client machine you can then try downloading it directly to the pfSense box:

root@pfsense.fire.box]/root(2): fetch -o /dev/null http://download.thinkbroadband.com/50MB.zip /dev/null                                    100% of  50 MB 1961 kBps 00m00s

I notice in your config file that you have some traffic shaping options:

<ezshaper><step1><numberofconnections>1</numberofconnections></step1> <step3><enable>on</enable> <provider>Asterisk</provider> <connuploadspeed>%</connuploadspeed> <conndownloadspeed>%</conndownloadspeed> <connupload>30</connupload> <conndownload>30</conndownload> <download>300</download> <downloadspeed>Mb</downloadspeed> <conn0upload>300</conn0upload> <conn0uploadspeed>Mb</conn0uploadspeed></step3> <step4><step2><downloadscheduler>HFSC</downloadscheduler> <conn0uploadscheduler>HFSC</conn0uploadscheduler> <conn0upload>1</conn0upload> <conn0uploadspeed>Gb</conn0uploadspeed> <conn0download>1</conn0download> <conn0downloadspeed>Gb</conn0downloadspeed> <conn0interface>wan</conn0interface></step2></step4></ezshaper>

Are you running asterisk? Did you set these up intentionally? I'm no expert in traffic shaping (which seem like a bit of a black art!) and I can't see how this would be limiting you but still….

Steve

Thanks, I set it up like this:

I have this board as well.  I initially had this issue with the 64bit version, but when I reinstalled with the 32bit version I got a dhcp address on my wan link right away.  I did not have to change any ip v6 settings.

Yeah it is true, it creates the rule for you - doesn't mean there is not two rules ;)

Do with it what you will, combinations of possibilities are almost endless..  But I can tell you, you get some other engineer that finds this - and he is going to go WTF were they smokin??  ;)

Hmm, not a significant number of errors then. I would suggest it's problem at their end.
Do you have access to the modem web interface? You could try pinging that or checking its loading.

Try changing your monitor IP to something other than the WAN gateway, say 8.8.8.8. The gateway router may be, justifiably, prioritising ping responses far below everything else.

Steve

pfSense only supports X86 hardware and all the 'mifi' units I have ever seen are some type of SoC, ARM or MIPS. To use pfSense as a captive portal you need an additional X86 box that would use the mifi as its WAN and provide wifi on its LAN. You can use almost anything you have to hand for that box but you probably want something portable like say an Alix box. http://store.netgate.com/Desktop-Kits-C82.aspx

Alternatively it may be possible to run the captive portal directly on the mifi using an alternative firmware such as OpenWRT. It depends entirely what the actual hardware you have is and whether you have done this sort of thing before, it can seem a bit daunting the first time!  ;)

E.g.: http://wiki.openwrt.org/toh/zlmnet/mifif10n

If you have a device that can run OpenWRT then there are several captive portal solutions available for it.

Steve

Some research later. It looks like I'm well behind the times on this, schedules are now handled by pf not ipfw so you should have no problem. This has been the case since 2.0:
@https://doc.pfsense.org/index.php/2.0_New_Features_and_Changes#Firewall:

Schedule rules are handled in pf, so they can use all the rule options.

Steve

Can you post screenshots of Interfaces->(assign)  Interfaces-(assign)->VLANs and the WAN, LAN, and OPT interface configs?

And naturally on further inspection I find it to be my fault. Ram disks are set to 512mb and ntop was running on said ramdisk. Neither of which are defaults.

@skysurf76:

Please make whatever change is necessary so this doesn't happen to anyone else.  I've done 100's of port forwards in my life with no issues, and even did standard port forwards for xboxs with pfsense in the past and didn't have issues.  This was infuriating.

What you call infuriating is actually a feature.

https://doc.pfsense.org/index.php/Static_Port

The last paragraph on the above web page is what you want to read.  You should have made a static port NAT rule for just the IP of your brother's Xbox, not your entire LAN subnet.

How are your subnets arranged? Either of these pfSense installs transparent?

Do you have the correct update URL set in System: Firmware: Updater Settings: ?

Try this: https://doc.pfsense.org/index.php/Controlling_IPv6_or_IPv4_Preference

Steve