@rnmixon Ugh! After restoring the new config everthing is working except for one situation:
We have a virtual IP with two rules that pass port 80/443 to the IP (IP#1) of an internal web server.
We also have a number of NAT rules that override the destination for some ports (90x2, 90x3, 90x4, ...) on that virtual IP, routing to different IPs (IP#2, IP#3, IP#4, ...) on the LAN.
NONE of the NAT rules appear to be working, the firewall log shows traffic being blocked on (for example) port 90x2 as it tries to route to IP#1 instead of following the NAT rule to IP#2.
This all worked on our original config when we were running pfSense 2.4.5 and also when it was upgraded to version 2.5.1 (though failover was now broken).
I'm guessing when I merged in the changes from 2.5.1 config file into my old 2.4.5 config file I must have muffed something, however not sure what - the syntax of the changes all looked to be the same as the 2.4.5 syntax.
Any ideas from anyone before I restore to the old config that's size weeks old and lose all my changes?
Thanks much - Richard