I was able to access the web (port 80) gui of my server by binding all request to that server to the same wan as the server.

@thekurgan:

I may be wrong, but with DSL/cable, aren't the upload speeds much lower than the download speeds?  Just something to consider if you're pushing as much data as you're pulling.

That is usually the case, but in some areas the upload speeds of DSL/Cable exceed that of a T1.

It doesn't do that around where I am (yet?) but it really depends on your available providers and the products they offer in the area.

Does the VPN client provide any logging?  Once the IPsec tunnel is up between the client and the remote server, there's nothing that pfSense can do to restrict traffic.  That means that the problem is most likely to be with the VPN client.

That page wasn't updated at the 1.2.1 release, it was an oversight. I just updated it. Updating that page has been added to our release procedures, thanks for the heads up.

never mind fixed  :)

to everybody who helped me (responded to my querry..), thank you so much! it was such a big help to me. i am now on my way in finding out the pppoe profile of my wireless connection. i will certainly tell the news later on to you guys. again, thank you so  much.

If you look in the OpenVPN forum you'll find guidance and advice there.

oh i'm sorry, because missmatch perseption about VLAN in my mind. the realy need is diferent subnet in LAN card (172.16.1.1/24, 172.16.11.1/25).
regards

Sorry for not being very clear in my post. I wanted to let pfsense users to know  that it is not that hard to get verizon to provision the data over ethernet so that you can  use pfsense instead of actiontec.

Yes. You could have two lan subnets off of separate interfaces- either two separate NICs, or vlan interfaces with a managed switch.

I thought so, but meanwhile I found that disabling scrubbing won't solve the problem with sending messages from the tax report programs. Their a nightmare to setup and maintain and I'm more and more convinced that this system is causing the problem and not the connection, so there is no need for the setting. I will upgrade the second box anyway but that will have to wait until I'm on site.

Thanks for the suggestions.

The default, at least on my boxes, seems to be 1200s (20m). You can set it temporarily (until reboot) with the command

If you want to make it permanent, add a line to /etc/sysctl.conf

@wallabybob:

In /boot/loader.conf you could add the line

vm.kmem_size="768M"

to set the physical memory available to the kernel to 768MB.
Forget about monitoring vm.kmem_size; it won't change. I was confusing it with something else. Sorry! The other commands are still useful for monitoring how much of the available memory is in use.

TNX. Will try.

BR

Sasa

@ktims:

Wondering on the rationale for this. It's currently being set larger than the total memory on my ALIX box and I'm concerned that something stupid is going to happen when/if the allocator ever tries to use this extra memory.

There is no point setting vm.kmem_size larger than physical memory size. You probably don't want the kernel growing to use all of physical memory and leaving nothing for applications.

On my pfSense box which has had multiple upgrades through the 1.2.1 series and is now running the released 1.2.1 /boot/loader.conf contains

autoboot_delay="1"
kern.ipc.nmbclusters="0"

I don't remember making any changes to this file. I wonder how your /boot/loader.conf got an entry for vm.kmem_size. I suspect you could safely delete it. I wonder if there is any other "junk" in there.