@jahonix:
Maybe if you correct the destination in your WAN rule from 124.0.0.1 to 224.0.0.1 it triggers and blocks?
Yeah, I saw that mistake in the firewall rule and have corrected it to 224.0.0.1, still the same result.
It was likely always there and you didn't notice it. Looks like just the usual out-of-state traffic that gets blocked occasionally, though that is more frequent than I would expect (though that depends on the specifics of your network).
Yeah, your rules are messy. You have to remember the first rule on each interface that gets a hit will be run and everything after that will be ignored. In your LAN rules you have a rule that lets any protocol from the LAN subnet go anywhere, so all the other rules on that interface are pointless. The same for OPT1. If you get rid of the rest you should be good. Make sure the rest of the computers don't have personal firewalls blocking ICMP packets.
Good Luck.
We are having the same problem. It's very annoying.
We have a 100/100 connection and this update added much needed CPU speed, but with this problem we are thinking of downgrading back to 1.2.
Well "LAN" is just a name for an interface.
Just assign one of the VLANs to LAN and the other VLAN to OPT1.
Like this you don't have a private subnet at all, since you don't need it.
Yes for managing it a VPN solution would be good.
However, I'd rather go with OpenVPN than with PPTP.
(I'm just a fan of OpenVPN ;) )
Please use the search function:
http://forum.pfsense.org/index.php?action=search
( http://forum.pfsense.org/index.php/topic,5727.msg34562.html#msg34562 )
@tekzone:
So you think this is due to the internet line and not the firewall itself?
Almost certainly yes. Trying what I suggested will help confirm that.
Adding a rule allowing traffic to the WAN address does just that - allows traffic to your WAN IP. You need to change the destination to "any", or not your internal network, or block your other internal subnets before allowing Internet traffic.
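The two points made in this thread, that pfSense evaluates the rules on an interface top to bottom and the first match wins (so an "allow anything" rule on top makes every rule below it dead), and that a pass rule whose destination is the WAN address does not reach the Internet at all, can be checked with a small model of the evaluation. This is an added example, not code from the forum posters or from pfSense itself; the subnets (LAN 10.10.1.0/24, WLAN 10.10.2.0/24, WAN address 10.10.0.2), the host 10.10.2.5, and the Internet address 198.51.100.10 are constructed for illustration. `shadowed()` goes a little beyond the posts: it reports any rule that an earlier, broader rule already covers, whatever the actions are.

```python
"""Model of pfSense first-match ("quick") rule evaluation on one interface.
Added example; subnets and hosts are constructed from the thread, not real config.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                  # "pass" or "block"
    proto: str                   # "any", "tcp", "udp" or "icmp"
    src: str                     # CIDR or "any"
    dst: str                     # CIDR or "any"
    dport: Optional[int] = None  # destination port; None means any port


def _covers(cidr: str, addr: str) -> bool:
    """True if the address falls inside the rule's network (or the rule says any)."""
    return cidr == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(cidr, strict=False)


def _net_covers(outer: str, inner: str) -> bool:
    """True if every address matched by `inner` is also matched by `outer`."""
    if outer == "any":
        return True
    if inner == "any":
        return False
    return ipaddress.ip_network(inner, strict=False).subnet_of(ipaddress.ip_network(outer, strict=False))


def evaluate(rules, proto, src, dst, dport=None):
    """Walk the list top to bottom; the first rule that matches decides,
    as pfSense does because it tags every rule 'quick'.
    Returns (action, rule_index); no match means the implicit default deny."""
    for i, r in enumerate(rules):
        if ((r.proto == "any" or r.proto == proto)
                and _covers(r.src, src) and _covers(r.dst, dst)
                and (r.dport is None or r.dport == dport)):
            return r.action, i
    return "block", None


def shadowed(rules):
    """Indices of rules that can never fire: an earlier rule already
    matches everything they would match, whatever its action."""
    dead = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if (earlier.proto in ("any", later.proto)
                    and _net_covers(earlier.src, later.src)
                    and _net_covers(earlier.dst, later.dst)
                    and earlier.dport in (None, later.dport)):
                dead.append(i)
                break
    return dead


LAN_NET, WLAN_NET, WAN_ADDR = "10.10.1.0/24", "10.10.2.0/24", "10.10.0.2/32"

# Messy LAN tab: the allow-everything rule sits on top, so nothing below it runs.
MESSY_LAN = [
    Rule("pass", "any", LAN_NET, "any"),
    Rule("block", "tcp", LAN_NET, "10.10.2.5/32", 445),  # intended restriction, never reached
    Rule("pass", "tcp", LAN_NET, WLAN_NET, 139),
]

# Same intent, ordered so the specific block is hit before the catch-all.
FIXED_LAN = [
    Rule("block", "tcp", LAN_NET, "10.10.2.5/32", 445),
    Rule("pass", "any", LAN_NET, "any"),
]

# Destination "WAN address" only reaches the firewall's own IP, not the Internet.
WAN_ADDR_ONLY = [Rule("pass", "any", LAN_NET, WAN_ADDR)]

# Keep LAN off the other internal subnet first, then allow everything else.
ISOLATED_LAN = [
    Rule("block", "any", LAN_NET, WLAN_NET),
    Rule("pass", "any", LAN_NET, "any"),
]

if __name__ == "__main__":
    print(evaluate(MESSY_LAN, "tcp", "10.10.1.50", "10.10.2.5", 445))       # ('pass', 0)
    print(shadowed(MESSY_LAN))                                              # [1, 2]
    print(evaluate(FIXED_LAN, "tcp", "10.10.1.50", "10.10.2.5", 445))       # ('block', 0)
    print(evaluate(WAN_ADDR_ONLY, "tcp", "10.10.1.50", "198.51.100.10", 443))  # ('block', None)
    print(evaluate(ISOLATED_LAN, "icmp", "10.10.1.50", "10.10.2.5"))        # ('block', 0)
    print(evaluate(ISOLATED_LAN, "tcp", "10.10.1.50", "198.51.100.10", 443))   # ('pass', 1)
```

The model ignores state tracking and floating rules, so it only shows ordering: in `MESSY_LAN` the SMB block is dead code, in `WAN_ADDR_ONLY` Internet traffic falls through to the default deny, and in `ISOLATED_LAN` the block of the neighbouring subnet must sit above the pass-to-any rule to have any effect.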
I basically have the WLAN interface bridged to the LAN 10.10.1.1
and then that goes out to the WAN 10.10.0.2 (gateway 10.10.0.1).
So now I want the WAN interface to stay as it is, the LAN stays with 10.10.1.1,
but then I want to remove the bridge and set the WLAN to be 10.10.2.1,
and then LAN and WLAN should exit through the WAN interface (but still be able to access each other).
On all interfaces I have the rule ANY -> ANY set.
As long as I have the WLAN in bridged mode with the LAN interface the firewall rules seem to pull, e.g. when I set a restriction to a certain host.
As soon as I change into the explained goal scenario it seems as if the rules just get ignored.
Allow these ports between the two networks:
137, 138, 139, maybe 445 also,
all TCP.
But it still won't work with broadcasts, so you have to go with the IP address.
/F
Think I have a similar problem. As far as I can tell, the rules are not the origin but the FTP preprocessor: http://snort.org/docs/snort_htmanuals/htmanual_283/node101.html .
Your plan seems to make sense to me.
Just remember to NOT use the interface holding the VLANs for anything other than that, e.g. don't assign it an IP/subnet itself.
I would move the routing between subnets to pfSense and not let the Cisco do it. But that's related to the fact that I know how to do it within pfSense and wouldn't know about the Cisco. And I have all traffic control in one place. On the negative side I have additional traffic on the NIC holding the VLANs which in your setup is handled by the Cisco.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.