To preface this, I have been doing networking a LONG time, and actually know it quite well.

To answer your question, I need a lot more information about what you are trying to divide, and from how many people.  As an example, Vlan vs discreet nics;  A vlan can be busted out of and you can see all traffic, as well as load on one is (to some extent) load on all.  But you can not do trunk ports on discreet nics…

@AudiAddict:

Any idea's on how to resolve this?

Do a firmware upgrade to a snapshot build of pfSense 2.1 which is based on FreeBSD 8.3, one of the current versions. If you still have problems submit a FreeBSD problem report including the pfSense crash report.

I suspect it will be difficult to persuade any of the FreeBSD maintainers to look at problems in FreeBSD 8.1 (used in pfSense 2.0.1).

If you need help with any of that ask here.

I agree they are nice units.

@guigui42:

I want to dispatch users in different VLANs depending on their MAC Addressses.

I don't understand what you mean - do you want to be able to plug in computers at various points in your network and have them assigned a VLAN dependent on the MAC address and independent of the connection point? If so, I suspect this would need special software in the computer as well as special software on some server.

May i have help from anyone. still unable to resolve it. Please help me.

@luddie:

how do i retain the changes ive made in the console after a reboot?  whatever changes i make is always lost after a reboot.

@luddie:

i have made a few changes to config files like spamassassin's local.cf

On startup, pfSense regenerates all configuration files for applications installed through pfSense from a single configuration file maintained by the pfSense web GUI. Thus configuration flle changes made outside the web GUI are lost on startup.

Use the web GUI to tweak application configuration; don't edit application specific configuration files.

Edit: attempted clarification.

The system log might have some clues, and perhaps if you watch "top -SH" from the console you'll spot the process using up the CPU time.

Somebody might use, i don't

It works fine, you might need to toggle "Prefer Old IPsec SA" under System > Advanced on the Misc tab. You might only be able to use 3DES/MD5, as some of those Linksys units, even if they claimed to do other ciphers and hashes, only worked properly with 3DES/MD5. That may have improved over the years though.

Thank You, very helpful

Having installed Squid & Lightsquid, I can see that light squid uses some Perl PL/CGI scripts and serves pages. like 192.168.1.1/lightsquid/index.cgi

How does this serve these web pages?  I know I can add web pages to the captive-portal area, but is there someway for me to add some custom pages like lightsquid does?  I cannot see anywhere in the fils system how to do this (using the file browser package).

Thanks alot.

edit

Ah, ok, seems I can add things here: /usr/local/www/

Great stuff. I remember that now. Sorry i was being completely blond.

Sigh.

Thanks a mill

After changing the timezone to something else and then setting it back to Europe/Amsterdam + reboot it has been solved. Wonder why it didn't work the first time.

Thanks for the solution though!

The collisions are shown at those interfaces so the mismatch would be between the pfSense interface and whatever it's connected to.
However duplex mismatch is usually (always in my experience) associated with a massive reduction in throughput. Like <1Mbps.
It's still the first thing I'd check.

Steve

I've seen this issue occur when I am doing a lot of torrent downloading or something intensive. I've solved this issue by increasing the amount of states. Increase the Firewall Maximum States past the default to something like 400000 for example. Also check how much resources RAM/swap pfsense is using and see if it's a resource issue.

btw thanks for all the info guys. i'm learning a lot thanks to You! i hope this thread and any info / links here will help others!

@stephenw10:

Hmmm.
The 24 port switch is significantly more complex.
It may have a setting that limits web GUI access to clients from it's own subnet. Since you are trying to access it routed via pfSense it would block that connection. This is relatively common.

Steve

ok good, that makes me feel a little better about not being able to connect to it.

thanks for your help.

I'm installing for several clients and have the mentioned problems every time, so the problems still persist. Any install with gmirror fails notably and reproduceable on any kind of hardware.

@marcelloc: same here, any time i have a screen several  hours open, i want to actualize that screen, i get the login-screen, login, get the CSRF-message, have to login a second time.
opening a new tab, point to my pfSense without logging in, wait some hours, then login, same as before: 2 logins. reproduceable. Every time.
So i decided to disable the automatic logoff due to this thing. :( I'm using safari. But same happens with firefox. Both on mac)

@jimp: None of a gmirror is shown at a install from live-system. And the described things are a real thing, no dream (nor bad dream) from me. I even redownloaded the stable 2.0.1 to verify that its still present. Sorry. Will that be repaired or will that be maybe in a future version? Is there still any working on the release or only on the next release? Thx for clarification.