If you want to block LAN PCs from accessing port 80 and 53 (presumably from Internet hosts?) then put rules to block those ports (with the proper protocol selected!) on the LAN tab, at the TOP of the list.

If that is not what you are after, it would help if you restated your question in a more detailed manner.

Please don't double post things, if your original post has gone without an answer for 24 hours, feel free to bump it by replying to it.

Either hardware bugs or FreeBSD ACPI bugs, you'll have to replicate on a stock FreeBSD and report there to get it fixed. BIOS update might fix it.

There was a fix committed a couple days ago. Either wait for a new snapshot or gitsync to the current codebase and it should be resolved.

I found a thread saying that squid doesnt understand MultiWAN so how it will work with 2.0
as pfsense is moving towards 2.0 while squid is still 2 and 3 is still not stable

@rudraansh:

See the basic funda is Squid will work unless you dont use MULtiWAN.
Because we are still in beta stage.the upgrading might have messed up with squid config.
Just configure it once again. IT should work.

I did a factory reset about 4 times and even built up everything by hand - no luck.  I did notice that after installing squid (with no errors) I do not see squid in the installed packages list.  It does however appear in the menu and I can manipulate its settings.

Just explain to me - I do not have multiple WANs.  I have one WAN, one LAN and one OPT1 (for Wireless).  Is this config currently supported and working in pfsense beta 2?

That widget is not compatible with 2.0, unfortunately.

That shouldn't even be on a 2.0 box. It only comes in the dashboard package on 1.2.x and could only exist on 2.0 if you upgraded from 1.2.x to 2.0 (and then it isn't a "new install" as you suggest.

OpenVPN was redesigned in 2.0 and I haven't had any time to rewrite the widget to handle the new setup. I just need to pull some code from the Status > OpenVPN page and see what I can make work.

By default it takes the gateway ip as monitor ip ,
So when i tried to change that monitor ip  and click save on opt interface(wan works fine)

The link given by you says whenever you try to change anything the interface changes to WAN.

Thats what I am trying to say.

I will install and check it once again.

Looking at the source code for  /usr/local/www/wizards/traffic_shaper_wizard_multi_lan.inc it seems like the protocol based shaping would create floating outbound firewall rules.  However after running the traffic shaper wizard (I deleted the above rules and tried again) I only see two entries under Floating - both for qVoIP.  None of the other protocols I selected (RDP, VNC as High Priority) made it to this floating firewall ruleset.

@rudraansh:

I tried but it didnt happened.
I am not understanding the gateway tab.

Whenever i tried to configure it something fishy happened.

I have 2 WAN connections and I upgraded from 1.2.3 to 2.0 and didn't have to configure anything. 2.0 imported my old settings and updated them for 2.0. It was quite nice. :)

Captive portal is not functional at the moment.
http://redmine.pfsense.org/issues/show/301

Just a PowerEdge 2850, dual Xeon 3.6, 8 GB RAM, running ESXi. That's roughly equivalent to the box it's replacing, the bulk of its duties is building snapshots. Box is working well, I just need to get the blasted DRAC reset to factory defaults (always a pain…) and we'll have it down to the datacenter this weekend.

The one we use for builds where very fast builds are more important is a dual socket quad core Xeon, also with ESXi.

Known issue.
http://redmine.pfsense.org/issues/show/301

I have installed the BETA 2 and I see that layer7 doesn't work, I don't know when you will fixed this problem.. I really think that pfsense is excellent and If is possible to use layer7 would be OK.. thanks for all

You could try edit /etc/ttys and change dialup to cons25

ttyu0 "/usr/libexec/getty bootupcli" cons25 on secure

If you want vid and comconsol you can edit /boot/loader.conf and add
boot_multicons="YES"
boot_serial="YES"
console="vidconsole,comconsole"

Not following what you mean, they're sorted alphabetically and the edit is properly associated as far as I can see. What are the exact steps you took to see this?

Got my 1.2.3 install to run stable again - I reset the BIOS settings to factory - that seems to have solved the problem with an interrupt kernel panic/reboot.

Maybe when I can sacrifice some downtime, I'll try again with 2.0 Beta.

@Perry:

I've been happy with the old version HP 1800-8G
But I'm unsure you'll get what really wanted to begin with
like the layout on this page with the 3com
In other words (maybe do to my own lack of knowledge) I don't see from the 3com docs the benefit of vlan support on the 3com if it can't transfer tagget traffic over the ethernet port and buying a new switch wouldn't change that afaics.

The 3Com WAP fully supports VLANs. I have everything working right now with the new switch I used to replace the Dell. It is/was the Dell that won't allow VLAN1 tagged traffic, not the 3Com WAP. Here's my config now:

em0: none
em0_vlan1: LAN - 192.168.254.1/24, DHCP enabled
em0_vlan2: Guest - 172.16.1.1/24, DHCP enabled

alc0 - WAN

1-22: VLAN1 untagged
23 (3Com WAP) VLAN 1 and 2 tagged
24 (pfSense) VLAN1 and 2 tagged

SSID: Private, Tagged VLAN1
SSID: Guest, Tagged VLAN2

If I connect to the private SSID then I get the proper IP addressing for that network and am able to communicate with all the other machines on my LAN. If I connect to the guest SSID then I get the proper addressing and cannot access the LAN, only Internet I've also setup a limiter for the traffic speed.

Riley

thats just too much info for a newbie in freebsd like me, i guess ill just wait for debug to be switched off later on.