I re-checked everything. Probably is a switch thing. I use the vlan for VOIP. I tried connecting a laptop on the VLAN and everything worked just fine. Will check the switch. thanks for the help. best regards, -eduardo s.m.

Thank's for the hint, but this was the first thing I looked for. I found my fault, it had nothing to do with pfSense. It was a matter of routing inside the network.

Many Thanks..works like a charm !!

You also need to compare license and maintenance fees. Often the Cisco hardware is capable of a lot more features and functionality than you buy out of the box, but you must pay additional fees to unlock these. With pfSense you get all of the functionality without any of the added fees. (The "Cisco tax" as some people call it.) There are some features that a PIX/ASA has that pfSense doesn't (like IPsec+NAT) and there are many features that pfSense has that a PIX/ASA does not (too many to list here!) You may not be using any of these features, but many of us do. :)

That worked. Thank You.

I'm not sure if it is possible on 1.2.x, but on 2.0 beta you could probably configure WAN as "none" for the address type.

kpa is correct. That is normal traffic from the FTP helper, which is why it was logged.

The only rules that matter to the IPsec tunnel are on the IPsec tab, and there you have an allow all rule. What exactly is it that you are trying to accomplish? You're contradicting yourself saying you want to block all connections and still "see" the remote network. You have to allow something or the far side of that tunnel will never be able to get back into the network behind pfSense. What do you need to be able to do that you can't do with the rules you have?

It is now working!!!! Thank you so much!!!! Pfsense is a great that is why I stuck with it even though it has been difficult for me. I did not study computers in school but I now work in the IT field.

@sopheak: Can you post image to me. because i dont understand Or you could go to "Services|DHCP server", as clearly pointed out by GruensFroeschli ("config page of the DHCP"), and have a look. You should have one tab for each interface apart from WAN.

Hmmm.  Ok, I tried putting the PAP2T on the same LAN as the trixbox server to see if I would have the same problem.  On the same LAN, I don't have any of the issues that I reported in the original post which is good.  So, this problem occurs when the PAP2T is remote in either case (a) where the PAP2T is behind NAT on another network connecting via port forwarding to connect or in case (b) where the PAP2T is on a remote network at the end of a VPN tunnel to another pfsense box.

Well, my apologies. It seems that's re-enable the set up of the LAN does resolve the problem. I had some ethernet cable trouble… Thanks again for your help. ++

Yes weird thing is I saw the packets coming to pfSense and not coming out of another interface. It was happening to only this particular SYN packets with duplicated (already existent states). I'll try to double check but it seems remote side has fixed the issue.

You would probably either need to set up the web server to not allow HTTP methods other than get or post or set up a reverse proxy and block them there.

Also when I tried to update snort it gives me this error message. Directory so_rules does not exist… Error copying so_rules... I have this version Snort 2.8.4.1_5 pkg v. 1.6 Hope for your help. Thanks.

Finally got it working. Thanks for your help and regards