I have now cleared unused firewall rules and some aliases, that did the trick! My FQDN alias is now listed in the table's.

I don't have any specific rule to suspect, maybe it was the rule including policy routing that had an alias for the GW.

Thank you, I didn't even realize I had forgotten to remove Snort-dev.

@amer1canparatrooper:

Also, after setting the second LAN adapter (linux) to pfsense LAN address, I am still unable to reach the Internet.

It is not clear to me what you mean by the above sentence. Did you set a second network adapter in the Linux machine to have IP address 192.168.1.2? If so, that probably explains what you are seeing in the second ping of your screenshot. I presume the screenshot shows activity on that Linux VM. The ping of 192.168.1.2 responds since 192.168.1.2 is a local address. The ping of 10.0.1.105 gets "Destination host unreachable" since the local machine doesn't know how to get to 10.0.1.105. Your Linux VM needs a default route AND a distinct IP address, apparently on the 192.168.1.x/?? subnet.

Also, to answer your question, I didn't set pfsense to be a DHCP server.

All my other virtual machines are set as 'bridged' adapters, which work fine since they receive IP addresses from my router.  I have just recently set linux's LAN adapter to intnet as you suggested, which brought about a successful LAN ping.

I'm still puzzled.

Thanks for any further suggestions.

@wallabybob:

the 1GB image might have been suitable for your package mix.

I agree, and for the life of me can't remember why I used the 512MB image!!!

Thanks for the input

You are right…From now on, I will try not to duplicate the same topics...

@cmb:

Stop duplicate posting things, you still have 2 threads of this and I deleted 3 others you posted yesterday. Don't ever post the same thing twice.

http://doc.pfsense.org/index.php/Upgrade_Guide#Changing_architecture_.2832_bit_to_64_bit_or_vice_versa.29_during_upgrade

Cool, thanks!

Thank you cmb, that is very helpful to my understanding.

The lighttpd logs went nowhere before. So these always happened you just never saw them.

It tends to show up more often with captive portal. It's not fatal, you can most likely ignore them.

What bandwidth will is need to handle?
What packages are you wanting to run?
How many interfaces?
Anything else you think might be pertinent.  ;)

Steve

As you found by default everything is blocked on WAN.
If you need to access anything from the WAN side you have to add firewall rules to explicitly allow it.

Steve

Did you look at the sticky?

http://forum.pfsense.org/index.php/topic,1998.0.html

Should have probably stated I'm using i386 embedded (nanobsd) on a Firebox x700.

Using virtual adapters the detection code may not be able to see the change correctly.
Just select the interfaces manually instead of using the auto-detect. I imagine they will be shown as em0 and em1.
This shouldn't affect the normal operating of the NICs.

Steve

not sure how your email got buried in my inbox (sales emails only come to me until we get our ticket system upgraded in a couple weeks) but I just responded to you. Definitely something we can help you with, can have that entire config done within a day of purchase.

Configure your access point to assign the two ssids to two VLANs. Then setup VLAN interfaces on pfSense to connect to it. That way the 'internal' and 'guest' traffic will arrive on separate interfaces so you can have different rules and CP etc.

Steve

The nanobsd images are meant to be written to flash media, such as a CF card. PfSense will then boot directly from that. No hard drive needed.

The memstick images are used to create a bootable USB stick that you can use to install pfSense to the hard drive.

See: http://www.pfsense.org/index.php?option=com_content&task=view&id=43&Itemid=44

Steve

Any particular reason you want to downgrade ?

Thank you for your answer. For the moment, they were in raid mode, than i changed them to ahci and set up pfSense on one single disk. The problem is that i would like to ensure that if one disk fails the firewall could work further without downtime…

do that work fine with gmirror?

@johnpoz:

That thread is about nat reflection - which no where in your post did you state where you were trying to access these sites from.  You would have to assume from outside your firewall - since the normal operation in accessing a site while on that network would be to access it via its common IP on your own network.

Also you state that wan admin access is "default" - that is not the case.  You can not access admin gui of pfsense from wan in a default state of pfsense.

You would have to configure firewall rules to allow access to web gui/ssh from wan - which is not a recommended configuration.

Glad you got what you wanted sorted, but you really need to accurately convey your issue and your setup if don't want people guessing what your question/problem is.

You know what, you are absolutely right!
I was a bit short on time to get this sorted out and the fact that my problem description sucked completely did not help anyone…

Question 1: I got slightly confused as I tried to access the wan from within lan and never thought about the firewall accepting it as I was testing from inside.

Question 2: I was trying to see my sites behind opt1 from LAN and got the NAT reflection issue.

Stress sometimes work for you, sometimes against!
Thanks and sorry for wasting your time!

Ozz.