• VMware - better security with vt-d PCI pass throug

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    In theory land, sure, VT-d might theoretically give you a lower attack surface, but in reality, it shouldn't be any more secure than a standard vNIC / vSwitch setup as long as your WAN connection doesn't also have the VMware Service Console available on it, which it shouldn't. In the theoretical order of attack surfaces, having a separate vSwitch with just the one pfSense firewall WAN side connected internally and a physical NIC should be the next best secure level; followed by a WAN port group and using VLANs to separate out your WAN traffic. All of those, however, in reality land, should be perfectly secure, especially for a home. Someone correct me if I'm wrong, but I'm pretty sure that security hasn't been historically the main push for using pfSense on bare metal, but more of the performance in high bandwidth situations. People might get the knee-jerk reaction for security, or make that kind of decision based on a policy in a company, but there are relatively few, if any, attacks that would be exploitable because pfSense was running on a VM. Now, there could be some kind of Denial Of Service attack that could possibly be exploitable, but I haven't seen any of those either. A lot of very large companies run servers on VMware ESX hosts, some of these companies have very over-the-top security practices, and they're fine with VMware. Unless you're worried about actually saturating a Gb NIC with traffic, I would not put out the extra expense nor effort to run the WAN NIC via VT-d. At this point, I don't think anyone could point to a real reason to claim that networking in VMware is insecure ("real reason" equals demonstrable exploits, not FUD.) Just to re-state, though, please don't advertise your VMware Service Console to the outside world, though. That's not secure.
  • MOVED: Channels beyond 11 not visible

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Upgrading from 2.0 to 2.0.1 - difference in files?

    Locked
    2
    0 Votes
    2 Posts
    993 Views
    ptt
    Check this: http://www.pfsense.org/index.php?option=com_content&task=view&id=43&Itemid=44
  • Need help with Vmware ESXi Install

    Locked
    10
    0 Votes
    10 Posts
    3k Views
    johnpoz
    No problem dude - glad you got it sorted.  Have not seen anyone use an invalid IP in a long time ;)
  • Vlan on WAN

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    Sorry, I didn't respond yet.. yes, I was able to do it.. now, I have another issue, posted here: http://forum.pfsense.org/index.php/topic,56796.0.html
  • PPPoE Issue After Upgrade

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    Strange, I'm not sure what I did differently, but when I moved the DSL line back over to the new box to test and get a log file, PPPoE worked.  Oh well, just glad I'll finally get to enjoy all the goodies 2.0 has to offer. Thanks
  • Dell Poweredge r 2850

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    Thank you for all replies. It looks like the hardware was faulty. On another r2850 the installation was fine.
  • 2.01 embedded on 256MB Compact Flash

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    For anyone else running into the same problem: my motherboard is an Asus P5p800 SE with the latest BIOS (803, I think) and one IDE CF card reader with a SanDisk Ultra 4GB card. What I did was to set the primary master (the CF card) in the BIOS to LBA: auto, PIO mode: 2, UDMA: 0, and to only use single word DMA. With that it boots the 2.01 4Gb embedded image without problems.
  • WAN Access to pfsense

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    @lysis: I searched for a few minutes but haven't found anything. I'd like to do the following:
    -I want to enable WAN access for remote administration of the pfsense firewall.
    -I want to change the port number we use to log on.
    Can you point me in the right place, please?

    You are better off setting up a VPN account if you need remote admin access. Accessing the web admin directly from WAN is a bad idea.
  • Pfsense don't work with Asus motherboard

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    Assuming you weren't looking for huge amounts of throughput, a simple PCI Intel Gb NIC would work, fairly cheap on ebay. Like this: http://www.ebay.com/itm/Intel-Pro1000MT-Network-PCI-Desktop-Adapter-A78408-008-gigabit-1000-100-10-/261122375270?pt=US_Internal_Network_Cards&hash=item3ccc1b3e66 Or this: http://www.ebay.com/itm/Intel-PRO-1000-MT-Gigabit-PCI-Network-Adapter-Card-8390MT-HOT-/170920969124?pt=US_Internal_Network_Cards&hash=item27cbaf03a4 Or for more throughput a PCI-Express one: http://www.ebay.com/itm/Intel-Pro-1000-PCI-E-NIC-EXPI9300PTBLK-MINT-Look-/110986279580?pt=US_Internal_Network_Cards&hash=item19d74c3a9c Not sure what your original intent was, but if you weren't planning on running VLANs, you probably need multiple ports. You can simply mix & match the adapters above, or get a single card with 2 ports. Like this one: http://www.ebay.com/itm/Intel-Pro-1000PT-PCI-E-Dual-Port-Adapter-Dell-X3959-/230889263724?pt=LH_DefaultDomain_0&hash=item35c212926c
  • How to install bash shell

    Locked
    4
    0 Votes
    4 Posts
    7k Views
    marcelloc
    It happens sometimes while pasting URL in forum. Just remove the extra ftp://  :)
  • Installing with an SSD

    Locked
    15
    0 Votes
    15 Posts
    7k Views
    Sounds like the crux of that thread is: if you want long lasting SSDs, buy Intel. (But I think some of us were already of that opinion.) I wonder what their little SLC SSDs do with that kind of testing.
  • Installation's trouble

    Locked
    4
    0 Votes
    4 Posts
    1k Views
    This is because you are using a 64 bit installer on a 32 bit machine. Try to download the right installer and see if that works. I had the same issue recently.
  • Watchguard boot problem

    Locked
    6
    0 Votes
    6 Posts
    2k Views
    stephenw10
    To rule that out I think you should format the drive and start over. Steve
  • Pfsense 2.0.1 and VirtualBox

    Locked
    8
    0 Votes
    8 Posts
    3k Views
    Thanks for the additional information. @derwood: I have a /30 from Time Warner. As previously suggested in VirtualBox I would bridge the physical NIC available for connection to the modem and an emulated interface available to the pfSense. That emulated interface will become the pfSense WAN interface and be assigned your public static IP. Thus pfSense will talk with your modem over the software bridge in VirtualBox and the "eth1" physical NIC.
  • Trouble Getting Set Up

    Locked
    4
    0 Votes
    4 Posts
    1k Views
    It seems as though maybe the Hyper-V isn't initializing the NICs properly.
    ifconfig de0 down
    ifconfig de0 up
    ifconfig de1 down
    ifconfig de1 up
    Now I'm able to ping the pfSense box and access the web interface.
  • Can't Install on Mini-ITX PC from USB CD-ROM

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    mafe72
    I was having the same problem and I ended up plugging the hard drive into my PC and flashing pfSense-2.0.1-RELEASE-4g-i386-nanobsd_vga.img to the disk using win32diskimager.
  • Cannot get to internet through Time Warner Modem

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    Every time I've seen that specific symptom with Time Warner it's been because they screwed up the static IP config on their end in some fashion (happens way more than one would think). That's assuming it's the business class static IP service, and you have the correct default gateway and have it marked as default under System>Routing.
  • 2.0.1 amd64 nanobsd vga on Jetway NF96

    Locked
    9
    0 Votes
    9 Posts
    3k Views
    So basically since I tried to reimage, I've been screwed.  I boot with an extra drive that has Ubuntu server on it (along with the images I'm trying to apply to my flash IDE drive), but when I start the copy (using dd), it ultimately hangs my OS with a slew of DMA errors being spewed to the terminal.  The dd command I'm running looks like so: sudo dd if=pfSense…img of=/dev/sda Where /dev/sda is the IDE flash drive and /dev/sdb is my Ubuntu server disk. I'm honestly at a loss.  I think this IDE flash drive might just be total crap.  It's an Emphase 2Gb IDE flash drive, not sure if anyone's had any experience with them.  Any suggestions for where I can find a slim IDE or sata flash drive for this sort of application that doesn't totally suck?
  • Pfsense in Netgear wnr3500L v2

    Locked
    7
    0 Votes
    7 Posts
    14k Views
    stephenw10
    The Linksys WRT54GL was the ideal platform for OpenWRT/DD-WRT etc a few years ago but these days it's looking a bit weak. The Netgear WNR3500L, that you already have, is far far more powerful: 480MHz CPU, 128MB RAM, 128MB ROM. Choose one of the firmwares linked to above, say this one, configure captive portal on it. ??.??. Profit!  ;) Steve
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.