@glor:

Ok so I found this on another website about pfSense -

NAT Limitations

PPTP and GRE Limitation - The state tracking code in pf for the GRE protocol can only track a single session per public IP per external server. This means if you use PPTP VPN connections, only one internal machine can connect simultaneously to a PPTP server on the Internet. A thousand machines can connect simultaneously to a thousand different PPTP servers, but only one simultaneously to a single server. The only available work around is to use multiple public IPs on your firewall, one per client, or to use multiple public IPs on the external PPTP server. This is not a problem with other types of VPN connections. A solution for this is currently under development.

AFAIK, this is a problem in TCP/IP's design since NAT only translates UDP or TCP.  GRE cannot be translated.  No firewall I'm aware of "fixes" this problem.

for those that don't want to change this by hand, a fix for this will be in 1.2.3.

I also rolled it into the newly updated Dashboard package (0.7.0).

Please the not working Config.xml and /tmp/rules.debug.
It is possible to use tag and tagged separately.

Try latest snapshots.

@billm:

This is a PHP and libxml2 bug (http://bugs.php.net/bug.php?id=45996).  We're waiting on a fix from upstream.

We backrevved libxml2 as a workaround a couple days back.  It looks like PHP 5.2.9 is out - we'll give it a couple of days to stabilize before attempting to bring everything back up to current in 2.0.

–Bill

This issue has been solved.

Please view post http://forum.pfsense.org/index.php/topic,14525.msg76956.html#msg76956

yes i can not use gateway edit.
delete and exist new one. i am using DHCP for wan and opt1, otherwise i can not delete or edit gateways.

Sure!

Will have to reinstall it :)

in day or two i will post it.

@ermal:

@takoateli:

I had to downgrade from Friday's build of 2a to 1.2.2 because I was suffering poor performance. When doing video streaming other services were working poorly.

What does that mean that it was doing its job well but you didn't supposed it would !!!
That seems like you gave video streaming priority.

The comments above are a hard guess, can you share more information on you actually mean.

Sorry if I wasn't clear. No, I didn't give video streaming higher priority. The problem wasn't that things were slowing down due to bandwidth limitations and qos working properly but rather everything was slowing down. My hardware couldn't keep up. Its a stinky old machine and just about nothing will run on it except for pfsense 1.2 or smoothwall which I'm running now. So I don't know if pfsense version 2 just needs more horsepower or if the alpha has some issues which will eventually be resolved. I'm only trying to use such old yucky hardware because a friend needs a firewall but he's not convinced enough that he's willing to buy a new machine.

Thanks!
Greg

Okay a short log part of the errors when he randomly disconnects:

Feb 19 18:51:54 php: : ERROR! PPTP enabled but could not resolve the $pptpdtarget Feb 19 18:51:54 php: : Could not find gateway for interface(wan). Feb 19 18:51:54 last message repeated 9 times Feb 19 18:51:54 php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'pfctl: DIOCSETSTATUSIF' Feb 19 18:51:54 php: : New alert found: There were error(s) loading the rules: pfctl: DIOCSETSTATUSIF The line in question reads [ DIOCSETSTATUSIF]: Feb 19 18:51:54 php: : There were error(s) loading the rules: pfctl: DIOCSETSTATUSIF - The line in question reads [ DIOCSETSTATUSIF]:

Verified as fixed.

Thank you!

@databeestje:

racoon can not do IKEv2, but I believe people have reported success with the Nokia 5800 on the ipsec-devel list.

I was more thinking racoon2:
http://www.racoon2.wide.ad.jp/w/

Ronald

Oh sure.  Now I feel like a heel for not mentioning Sam.  He also rocks.

For that matter, he must have a will of iron and the patience of a corpse in dealing with Atheros and their driver code.  The quality of his code was obvious in his sanitized ath_hal code of a couple of months ago.  The man is a wireless puppet master.

Fixed, thanks.

–Bill