@NogBadTheBad: Also as John mentions most access-points need their management interfaces in an untagged vlan. For most situations (such as UniFi) you can have everything tagged on the firewall and just set your ports native on the lan-vlan and tagged on the wifi-vlans. Only exception I have seen is some crappy switches that can only be managed from vlan 1. It is also sometimes needed when you don't have the luxury of re-programming the entire site. That being said, my early Cisco training stressed that it was bad practice to use vlan 1 as a production vlan, and I avoid it when possible. Your mileage and OCD may vary.

NEVERMIND!!! It would figure the a little more thrashing around myself would resolve into an answer. The DHCP gateway on the pf2 box was somehow screwy. So I gave up on DHCP for WAN … I assigned the WAN on pf2 a static IP in the LAN (10.1.1.x) and manually defined the gateway as the pf1 box. Voila! 3-hours later, I can now begin the experimentation I hoped for.

/etc/rc.php-fpm_restart Thank you

System logs are a good place to start. In my case it's usually a PPPoE problem because my ISP went down.

Can you post the interface configuration (screenshot preferable) for WAN and the gateways screen at System->Routing->Gateways.

Good luck.

OK now I understand but unfortunately I don't have a solution for you other than to manually assign a VIP when you need to access the modem admin page, which have already thought of.

What are you planning to do with pfSense?  Are you going to use it to route traffic between networks or act as a LAN appliance of some type?

HAProxy 1.7 stable was just released so you might want to try the 1.7 Dev package with the hope that it will be upgraded to stable soon enough.

Thanks for the reply's , i will give it another try and see if i can get the system running faster :)

Is that their Orwellian way of saying "DRM"? There's no DRM involved.  The videos are simple mp4's.  A quick Google shows it seems to be a Vimeo problem.  Lots of people with the same problem going back a couple of years.

I already linked you to the code - /conf.default/config.xml is the factory config.

Oh yes!  so stupid absolutely my fault sorry  :-\ Thank you!!

That's just it, though. PCI Compliance requires the CC server to have AV, but the AV interferes with the machine all the time and causes all kinds of billable issues. It is FUBAR.

The serial console is disabled in the web configurator (and /boot/loader.conf), but ttyv0 is still activated in /etc/ttys and I cannot disable it, as the file is regenerated on boot. Is there any way to disable the console permanently and stop it from taking over the first serial port?