• Default LAN Rule

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    J
    kpa, thanks for your reply. Yes, the traffic is actually blocked by the pfsense router: I've tracked the packets using tcpdump, from the client to the pfsense to the web server (Zimbra mailserver) and back to the client through the pfsense router. This is where the packets are stopped. I have several applications (database and a Freecom file server) accessed by remote clients and the connection to the Zimbra mailserver is the only one blocked on its way back. Thanks for your help.
  • DHCP on WAN Blocked?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    T
    Well, ripping everything apart, trying various pci network cards, and putting it back together, allowed me to determine that putting it back exactly how it was fixed my problem.  Not sure exactly why (maybe just having the modem unplugged for a while) it is now fixed, but it is. What I was able to find out, is that the jetway case I bought to go with my intel motherboard is a pain to work with, and I cannot get the pci riser working reliably with the atom motherboard (I can see the network card, but it isn't able to get any traffic flowing through it, and I get a bunch of watchdog errors).  But that is a problem for another day ;)
  • Allow traffic from dynamic IP address

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    G
    I find that using a voip phone over an IPSEC VPN tunnel affects the call quality quite seriously. I guess it is the overhead of the encryption. I have the same problem with a couple of home workers. Will try out the Alias hostname. Thanks
  • [howto] Getting native IPv6 to work.

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    J
    I tried to change the number 64 into 24 but no luck.. Configure the interfaces ifconfig $IFOUT inet6 alias 2001:4cb8:a95:1::2 prefixlen 64 changed to 24 ifconfig $IFIN inet6 alias 2001:4cb8:b95:1::1 prefixlen 64 changed to 24 …. I use "ipconfig" on Windows workstations but I don't see this kind of IPv6 IPs.. jigp 1.2.2
  • Maximum new connections / per second

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    J
    Hi, can you tell me how to know who brute forces the box and also how to set a limit of connections on ssh? Thanks jigp 1.2.2
  • Pfsense rewriting my LAN IPs

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    GruensFroeschli
    Firewall --> NAT --> Outbound: Enable manual outbound NAT rules. Delete the autocreated rule and nothing should be rewritten anymore. Make sure you have the correct static routes on the upstream devices set.
  • Protection against TCP/IP SYN+FIN (in general)

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Aliases from file

    Locked
    9
    0 Votes
    9 Posts
    6k Views
    J
    It's nice to know these things but how to know if somebody is trying to access my box? jigp 1.2.2
  • FTP and bridge transparent mode

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    J
    Did you ever try to restart the pf? jigp 1.2.x
  • Aliases Configuration

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    J
    Hi good afternoon! Are you trying to block something? or what?
  • Squid does not pass the firewall rules.

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    J
    Hi good afternoon. Go to General settings and check "Allow users on interface" and "Transparent proxy" Proxy port: 3128. Save and you are off to go. jigp 1.2.x
  • Firewall problem / telephony servers (not SIP)?

    Locked
    8
    0 Votes
    8 Posts
    2k Views
    E
    If it works your next options would be to do network dumps and analyze them (or show them to us so we could analyze them).
  • UPnp & Firewall

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    E
    I don't understand your problem with uPnP, sorry can't say anything. Port forwarding is NAT. Firewalling is Rules. You can set them up independently (if this is your question).
  • PortRanges for Single Aliase

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    E
    If you tell us what you are trying to achieve then we will probably be able to help you. Why do you specify source port range? Does it work without alias?
  • Is there a way to monitor the pfsense webgui and ssh when was accessed?

    Locked
    9
    0 Votes
    9 Posts
    3k Views
    E
    Do you know who sells them? How much?
  • Pftpx and RFC 959

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    T
    Hi, I've found a solution from this topic http://forum.pfsense.org/index.php/topic,9016.msg51238.html#msg51238. After changing line 1017 in /etc/inc/filter.inc from: $after_filter_configure_run[] = "/usr/local/sbin/pftpx {$shaper_queue}-f {$target} -b {$external_address} -c 21 -g 21"; to: $after_filter_configure_run[] = "/usr/local/sbin/pftpx {$shaper_queue}-f {$target} -b {$external_address} -c 21 -g 21 -r"; it works as expected.
  • LAN IP Range Rule

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    E
    Homework for MrVining: what is the subnet if you are given IP 10.0.0.147/26 ?
  • How to disable http (web) access with SQUID installed.

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    E
    Donate your son's computer and find a girl-friend for him ;)
  • NMAP block?

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    Cry Havok
    To block nmap from being used behind the router, simply disconnect the network cable to the pfSense host ;)
  • Locking down pfSense

    Locked
    14
    0 Votes
    14 Posts
    12k Views
    GruensFroeschli
    To harden your setup more: Set the WebGUI to https. Set the WebGUI to a different port than 443 (I usually use 444 :D ). Disable the anti-lockout rule (under System --> Advanced) and allow access only from a source you control. Or even better: don't allow access to the webGUI at all besides via a VPN (OpenVPN comes to mind). Run as few packages/services as possible. But these are just generic "security measures". pfSense is with the default settings already pretty safe.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.