Great!  Good to hear.

Thanks, I've add this:

http://faq.pfsense.org/index.php?sid=147209&lang=en&action=artikel&cat=1&id=178&artlang=en

"and Luiz should be installing the .po files soon."

Still have not heard from him…

Oops, missed your reply before my edit…

Anyway, reapplied 09-06-06 and then followed your directions and voila!! It works!! Awesome!! You rock!! :D

Thanks!! 8)

this is a windows issue i have lots of experiance  with windows clients and pppoe so you have to believe this some clients will work fine and some don't
you really need to use a good pppoe dialer on any version of windows.
dr tcp will help you lower the mtu so you client does not have so many problems
i would also suggest you disable your ccp extension son the pppoe server on pfsense. i can't remember the config paramators for mpd daemon but the docs for it are on sourceforge

also another issue we see a lot is the defaults for windows pppoe auth are wrong for our setup and need to be manually adjusted.

my two cents worth i have a bit of development time at the moment so should be around on the forums for the next few days if you have other questions

It changes the IPs inside the ftp protocol to make it work with NAT and punches dynamically ports open that are needed for the ftp transfer. ftp doesn't happen on one port only (TCP 21 is only the controllsession).

Yes, you only can shape between 2 interfaces. However the problem with your setup is the following:
If you shape at the LAN side of the gatewaybox you can shape the overall bandwidth of all WANs of the gatewaybox only. So let's say each WAN has 1 mbit/s upd and down to keep it simple for calulation. This means your overall upstream isw 4 mbit/s. Now your shaper let's a single connection go out with 4 mibt/s. Now that single connection only can use 1 WAN at the same time, so it will max out the line at 1 mbit/s though it is allowed to use 4 mibt/s at the shaper box. This will overload 1 line whereas the other 3 lines are still idle. It won't work efficiently in that scenario. To make this work with multiple boxes you would need one gateway and 4 shapers at eah WAN of the gateway. This is an ugly setup and I agree to that, however it's the onyl way to do this right with multiple boxes. I have played around with custom shaperrules and a 2 WAN, 1 LAN setup but haven't managed to get it working the way I wanted it to work. However there are people reporting some kind of success with custom rules and multiple WANs. We'll hopefully have a multi interface shaper after 1.0 is out but trafficshaping gets pretty complex when using multiple interfaces so there is no timeframe for that feature yet.

Check at the bottom of http://pfsense.com/index.php?id=38 for the paypal account.

Thanks for your reply, it will probably be simplier to enable webGUI on the wan interface of my babyTel gateway.

Thanks for your great work on that firewall package, I love my now really effective QoS provided by pfSense… The QoS of the linksys is weak, as I use my bandwidth almost 100% anytime.

MageMinds

I am seeing this as well.

However, this has nothing to do with squid being broken.  Squid BARELY works out of the box if you don't alter any settings.  Altering it's settings is a sure way to make it not work at all.

Yes, we are aware of the sitaution but we have bigger problems to fix before we finish squid.

I'll look into the corrupted packages, however.

Did you actually install the ISO?  There are no ports files, the packages system uses binary packages.

And cvs_sync.sh has been disabled so you really should start a different thread as this is no longer related.

Thx for the infos

I'm not going to set it up right now, but was just thinking about… it's better to know if it is possible before buying hardware ;-).

@prodius:

Hi,

Short question. Is it possible to save the configuration to a cf disk in the appliance? I know you can download the config, but that's not enough. Every change made to the firewall should be written directly to a cf disk. Or should we create a cronjob to do this??

We're planning to use a full installation on a hard disk in an appliance we put together. Those machines will replace a bunch of commercial firewalls (netasq) at our custumers sites. Why you might think? Great features (multi wan, failover, etc) without any extra costs. If you search the same functionality with a commercial product…

Thx.

All you should need to do is disklabel, newfs, mount the CF over /cf and update /etc/fstab.  Some FreeBSD administration experience is helpful here of course ;)  You might be able to get away with the CF being FAT32 here and just mount that in /cf.

–Bill

@mastrboy:

If im not totally wrong here it is not authpf that does the actual authentication, it's the SSH daemon, so you could configure the SSH daemon to authenticate against pam_ldap or similear i guess.

Correct, authpf doesn't do the authentication.  It does require a TTY though and that requires more access than I'm willing to give my users.  OpenBSD did the right thing as far as it being part of their core OS (and handling authentication), however I disagree with the implementation for pfSense.  It needs a utility that can be deployed to the desktop and doesn't require anything more than an authentication prompt on the firewall (which can obviously be handed off to radius, ldap, whatever).

–Bill

ohhh right sorry no prob.  Putty does work now thanks