The only way this can happen is configuration corruption otherwise this will work quite ok. Please give screenshots/config.xml//tmp/rules.debug/ifconfig/netstat -rn/ps -ax output to debug this.

Ahhh! After a search of the forums (2.0 forums at least since it seemed like a bug) turns up nothing and me having read most of the pfSense book recently and not seeing that info…quite non-obvious and harder than pfSense usually makes it (and I must have missed it). But, thanks for the link and for there being a workaround :-) Is there a reason this route is not added by pfSense automatically for known networks at the other end of IPsec tunnels? I did test the solution, though the steps are a bit longer in 2.0 (have to add the new gateway first--and the "add one now" link from the Static Routes page didn't actually do anything when I clicked it, perhaps this is a real bug) it seems to be working now both for ping and for the DNS Override. Thanks!

32 bit build…yes...I have all 3 working.

Although I'm sure it was the latest snapshot, it disappeared after a reboot, so I really have no idea what the problem was.  I'm assuming it was just an odd error, most likely on the browser side.

Should be fixed on newer snaps.

Quite probably. I just auto upgraded successfully. Regards…Martin

The redmine ticket references RP 149185 which is a problem I haven't seen (integer divide fault).

Hi gnhb, thanks for adding it. I tried it and it works fine, but there is one problem. If I click save on Inerfaces -> WAN page empty service name is not added to mpd_wan.conf, so I have to go to PPP config page and click save, only then I am able to establish PPPoE connection. Also if I save config on PPP page, then save on WAN page and then go back to PPP page 'Configure a NULL Service name' will no longer be checked. I think it would make most sense to have 'Configure a NULL Service name' check box available on WAN page (if PPPoE is selected) as well as PPP page so it's less confusing to set it up.

@grazman: I misspoke and meant virtual IP. I thought the behavior should be ti list each IP separately, as I recall it haveing done that before. With yesterday's build it is not doing that, so adding the virtual IP's individually seems to work fine. It did, and still does on today's snapshot. Where are you seeing that it doesn't?

Just put those in your server config (as a custom option if needed), then the server pushes them to the client. Server pushed options don't go in the client config file.

The pcap shows nothing is answering the SYN, so something you have there is overriding that fwd, possibly Squid with its rdr. Either start clean and see at what point it breaks as you add things, or start removing things, I'd start with Squid, and see what happens.

Should be fixed now.

I down graded to http://snapshots.pfsense.org/FreeBSD_RELENG_8_1/i386/pfSense_HEAD/updates/pfSense-2.0-BETA4-4g-20100821-0549-nanobsd-upgrade.img.gz at around Aug 23 15:36:41 syslogd: kernel boot file is /boot/kernel/kernel and awaiting the issue to re-appear.

I will check this later today and post back. Thanks! Ray

It worked after updating to yesterday's snapshot and starting over (new certs, server, client, rules).

@grazman: Does anyone have PPTP working on a 2.0 install dated in the last month or so? After updating the snapshot to yesterday's build it will work only if I put the proxy arp of the pptp server in as a workaround.

tinydns doesn't allow that AFAIK, believe you'll need BIND.