@imeitoiu: The virtual machine has 2 processors from vmware and it is configured correctly from this point of view. The VM BIOS also has to tell FreeBSD how many CPUs are available. This can be done by MPTABLE or ACPI. (There might be a vmware configuration item for either or both of these.) If using ACPI then FreeBSD has to take notice of ACPI (there is a FreeBSD boot option to ignore ACPI). http://doc.pfsense.org/index.php/Does_pfSense_support_SMP_%28multi-processor_and/or_core%29_systems%3F says the SMP kernel needs to be chosen at installation time. The SMP in the string returned by the uname -a commands suggests you are running the SMP kernel but I am not certain.

??? Outgoing port was closed form client side.

@chpalmer: I was just able to play with this… Seems the WAN will still get an address in the private network space even if the "block private networks" box is checked... Block private networks is strictly for ingress traffic, DHCP requests are egress.

I wrote  a guide a while back, and it shows you the options to pick from a CD install to a HDD http://www.overclockers.com/building-pfsense-firewall have a look at that.  Are they the same steps you have done?

Thanks Steve!

Ok… sorry for this...  :'( Thanks. Andrea.

The 6501 is very picky about which USB sticks it will boot from. Out of the half dozen or more I tried, only one would boot. If you copy/paste the line from the BIOS detection that shows the drive, it would help to determine if it's a problem with the stick or not.

You can configure this path on squid package but usually it will be on /var(/squid) To get a better performance, enable soft updates on this new partition.

If that's on CD, that's normal, and not fatal. It's trying to read or probe the CD in some way that isn't possible while booting from CD.

On 2.0 that option can change the WAN IP as well. You really shouldn't be starting out with 1.2.3 at this stage, 2.0 (and 2.0.1) have been out for many months.

Thank you!

Thanks a bunch jimp ;). Cheers

Just import the files they give you into the Cert Manager. IIRC, If you made the CSR in the GUI, the CSR should still show up, you can press "e" to edit the CSR and input the result from your originating CA.

Solved by adding the kern.cam.boot_delay=10000 tricks…....... It would be nice if this is by default on, it doesn't really cause much extra time from booting but a few hours for ignorance like me to trouble-shoot ::)

It would interesting to know what they expect the network to look like. Presumably they have done this many times before and have found this be the best setup. I'd be interested in the opinion of someone with more experience on this. Steve

It's because the default rule on the pfSense LAN interface that allows access to the web GUI only allows access from the LAN subnet. If you are coming from a remote subnet routed via a VPN that will be blocked. You need to add a rule on LAN to allow access from your remote subnet. You should be able to so your routed access attempts being blocked in the firewall logs. Steve

I recommend you use the NanoBSD install on a compact flash card in that box unless you have a good reason not to. For instance you need to have a HD install to have access to all available packages. There is no HD image as far as I know. Steve

All credit goes to the developers.  :) Steve

thank you pal, have fixed it now: You are on the latest version. Tom