There isn't a powershell script I'm aware of, but you can connect with ssh and run pfSsh.php playback changepassword admin, then enter the new password and confirm it. Together with something like clusterssh or tabs with shared input in SecureCRT you could change a bunch to the same password all at once.

In case this will help any one else, I've figured this out.... Here is a link on how to find the logs for NPS... https://social.technet.microsoft.com/Forums/windows/en-US/45aa3000-c32b-483b-8d6e-565b56b163fc/how-to-check-the-nps-logs-in-the-event-viewer?forum=winserverNAP Basically there are text file logs in c:\Windows\System32\LogFiles\In* , or you can check in Event Viewer under Diagnostics -> Event Viewer -> Custom Views -> Server Roles -> Network Policy. In my case, the problem users were set to "Deny Access" under the "Dial In" tab of the user properties in AD Users & Computers. Setting to Allow Access fixed it up. If you don't see the "Dial In" tab, this may be of help : https://support.microsoft.com/en-ca/help/975448/the-dial-in-tab-is-not-available-in-the-active-directory-users-and-com For me, I had to be on the server to get that tab, not accessing Active Directory Users and Computers on another PC. Hope this will help someone else. Thanks, Derelict for pointing me in the right direction!

There are many how to's on the youtube and interwebs. Here is one I have saved https://www.youtube.com/watch?v=W2gy1bLHm5o Skip the pfsense install part as it goes through the whole process from pfsense setup to squid, to squidguard, and lightsquid. Squidguard itself is not hard to setup once you have setup you squid transparent proxy which is basically enabling squid, checking transparent proxy, settings caches and that's it for squid then switch to squidguard and configure it. I have squid setup as an HAVP sine it is built into the squid package now and not a separate package before 2.3. Overall there is are many video and guides with pictures to assist in setting up or helping troubleshoot pieces of pfsense you need help with when you google for it such as in your case "pfsense squidguard setup". Don't hesitate you use your Googlefu.

I imagine you will fine routing at the firewall between the internal subnets. That hardware is probably far in excess of what you need. Steve