thank you podilarius, I think there's something going on with the DNS on the snapshot version of 2.1-RC, I downloaded the stable version and everything is working fine now. There is an extra step in 2.1-RC which confuses me when setting up the LAN if you choose to, it asked me for the IP, and then the default gateway, then the ranges for DHCP, probably those options i am not doing right, for now I will stick with the stable version thank you.

I figured it out my CDROM drive was faulty used another. And about the ethernet i ended up buying one that is supported by FreeBSD. Right now im using another computer though.

Sure, either renumber it at the console before going to the GUI or change it in the initial setup wizard.

It's likely to be a problem with the SCSI controller rather than the drives them selves. What controller do you have?

Just so you know pfSense is built on FreeBSD and FreeBSD is not Linux.  ;)

Steve

Won't really help. See man usbconfig(8) on how to get some useful info about the device.

I prefer the physdiskwrite….. Never had problems with it ;)

If you want /need a GUI ---> physdiskwrite 0.5.2 + PhysGUI   (Just "unzip" and run)

BTW, let's test the "New" "Thanks Button"  ;)

I can’t check it now because no PC behind PF. But then I configure my PF I try to connect to pfsense.com and I have access to web site. And now I detect that ripe.net I have not access to. I set MTU=1400 and it’s not help me  :'(

Interesting news. I made an image of the CF card that came installed from Netgate and I installed that on the HD.

Instant success!

They must have a special build going on there.

It still would be nice to do a regular install though. I'm going to see if I can get a build from Netgate.

I suggest you go through your NAT and Firewall rules and look for any reference to port 443/HTTPS that shouldn't be there.

Perfect!

Just tried it out and rebooted and the change has stuck.

Thanks a million for all your advise  :)

Might be of relevance: I am using gitsync (gitsync'ed a fresh 2.0.3 install, which pulled some pkg's for git). I have not tried deleting tables before the gitsync install/updates though. I have also installed ripe-whois from the freebsd repo.
Other packages installed:
pfBlocker, Ipguard-dev, nmap, OpenVPN Client Export Utility

@onlineph:

However, please be patient to reply more since I'll be asking you about how to use that section:

I have no experience with that facility so I'll guess.

@onlineph:

I have 5 boxes, and each of them I have generated vouchers. Will this section able to sync the vouchers from each other?  Meaning my user from box #5 would be able to use his voucher when connecting from box #1,2,3 of 4? Or is this feature can only sync two boxes?

The wording on my pfSense2.1 snapshot build system:

IP address of master nodes webConfigurator to synchronize voucher database and used vouchers from.
NOTE: this should be setup on the slave nodes and not the primary node!

suggests there can be multiple slave nodes.

@onlineph:

2. Where can I find "Voucher sync port" number?

The wording on the page suggests you need to specify the port used by the web configurator on the master node.

@onlineph:

3. The "Voucher sync username" is this the very log-in credential when you enter web GUI? of is this a separate credential to set? If so, how?

I suspect you would need to specify credentials of a user with at least some of the privileges related to Vouchers (if using pfSense 2.1 snapshot build), but it is unclear which ones. It is probably not "good practice" to use your admin account.

D-Link has changed the chipset on that card multiple times without changing the part number. It's impossible to tell from the name alone what actual chipset it's using.

If you can post the contents of /var/log/dmesg.boot and

Then we can maybe tell what card it really is and if it's even supported in pfSense 2.1 (if you haven't tried 2.1, try a 2.1 snapshot, it may work)

There are multiple ways that you can accomplish what you want. I'll list some of the options, but let's address first things first. The first issue is "how do you identify the clients that have time restrictions?". The simplest and most obvious way is to assign them specific IP addresses based on the client MAC address. However, if they can switch to other machines and you still expect the restrictions to apply, you will need to force the user to authenticate somehow. I don't know about squidguard, but dansguardian implements several different authentication methods.

Once you figure out how you want to identify the client, the question becomes "how do I time restrict client access to certain destination sites?" I can think of several options to solve this:
1.) Firewall rules with a schedule. The biggest issue of using this approach is that you must create a URL table that has all of the IP addresses of the sites you want to block access to. Unfortunately, some of the sites you list have multiple IP addresses and those addresses can change over time. There are ways to determine the addresses that a name can resolve to and automatically update them - but it gets challenging. I have some sample code to do it if you are interested. Also, the only way to "apply" the restrictions to a client would be based on the incoming IP address.
2.) It is my understanding that squidguard can time restrict access to a site (i.e. dns lookup rather than destination IP address), but I've never implemented it. I'm not sure how you authenticate users within squidguard to determine if a restriction should apply.
3.) Dansguardian can block access to sites for a timeframe (similar to squidguard). You can create up to three different groups that have different filtering profiles and assign users to groups based on your authentication method.

I think any of the above will work depending on your requirements. Filtering flexibility and capability increases in the order that I have listed them… however, complexity of setup also increases in the same order.

This worked out.
Wan = /30
Lan = /24 local 192.168.100.x with dhcp
Opt1 = /27

And I had to enable ports (80, 443, 21, etc) on all interfaces

Thanks for the help

ok, it should be OK in the next snap now.

I didn't notice that it was also in the "remove list".

Looks like you might have a blank user entry in that config.xml.

Make sure you don't have any entries like "<user>" in there. If you do, remove them. Also make sure it doesn't exist on the primary. If it does, you'll need to fix it there, too.</user>

Thanks, Steve!

After installing FreeBSD 9.1.0 (i386) on the box, I was able to get the fans under control through this process:

Installing the compat4x-i386 package.

Extracting the contents of http://people.freebsd.org/~jcagle/hpasm-7.22.tar.gz and modifying the INSTALL script to accept my version (ie. changing the if statement to accept '9' as valid rather than just 4 or 5 for these older versions of FreeBSD).

Running the modified INSTALL script and (hey presto) fans are much quieter now.  The hpasmd daemon loads automatically on each reboot.

When I attempted to replicate this on pfSense 2.0.3-RELEASE, hpasm installs but hpasmd coredumps when executed.

What this tells me is:

I'd probably need to investigate if the COMPAT_FREEBSD4 flag is enabled in the default 2.0.3 kernel (I assume that it is not);

It is possible to get these fans under control under stock FreeBSD and likley to be possible (if the answer to the point above is no) through custom built pfSense kernel; and

If I wanted to do this on pfSense, I probably wouldn't be able to blindy follow the web gui upgrades without checking that these modifications were preserved.

So, problem (probably  :-) solved