Show Posts

4 | pfSense English Support / Installation and Upgrades / Re: A quick Multi-NAT question? | on: April 25, 2012, 11:45:35 am

You probably need to bridge the WAN and LAN if your servers inside have to recognize their own IP. If you need an internal network too then add a second interface for it.
I think that most use a second interface OPT1, renamed DMZ or SERVERS etc. as the Bridged interface and the LAN for a NAT internal network. The Book has some info on setting up a bridge, and I am sure there is some info online etc.
There are some routing challenges between the networks in this scenario, because your gateway is now your ISP's router and that won't know how to get to your internal LAN network.
If you don't need a second interface then just bridge the WAN and LAN.
Select Interfaces -> Assign: Select 'Bridges' tab and click the + in the grey box to assign the bridge. Select WAN and LAN and away you go. Only click advanced if you know what you are doing.
Hope this helps.

5 | pfSense English Support / NAT / Re: web server behind pfsense 2 firewall | on: April 24, 2012, 12:43:43 pm

Well, the only other thing I can suggest is to apply the Server IP to a VIP outside of your network, change the actual IP of the server to one inside your network range, and then create a 1:1 NAT between them.
Or you're back to VLANs again.

6 | pfSense English Support / NAT / Re: web server behind pfsense 2 firewall | on: April 23, 2012, 09:44:16 am

Sorry, I am confused, I think there is a language barrier here, I am not sure if you solved the problem or not? You say it is simple, but then say please help me?
Did you change your internal network range from 172.16.1.1/24 to something else? i.e. /16 or change the LAN range to 172.16.24.0/24? I think that you have changed range to 172.16.24.0/24 otherwise it won't work?!
Does the IP of the server have to be where you have it?
If you want to access internal servers from inside you need NAT Reflection on, as a general rule.
If you really have to supernet then a mask of /19 or 255.255.255.224 will give you a NET of 172.16.0.0-172.16.31.255 Broadcast. So you'd have to change your LAN. This will increase memory use though I am pretty sure.
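
Added example (not part of the original post): a Python check, using the addresses from this thread, of whether the server is on-link for a given firewall LAN address and of the smallest network that covers both ranges. The function names are hypothetical, and 172.16.24.1 is a constructed firewall address used only to illustrate the "change the LAN range" option.

```python
import ipaddress

def on_link(interface, host):
    """True if `host` sits inside the subnet configured on `interface`."""
    return ipaddress.ip_address(host) in ipaddress.ip_interface(interface).network

def smallest_common_network(*members):
    """Smallest IPv4 network containing every given host or network."""
    nets = [ipaddress.ip_network(m, strict=False) for m in members]
    low = min(int(n.network_address) for n in nets)
    high = max(int(n.broadcast_address) for n in nets)
    # Every bit that differs between the lowest and highest address
    # has to become a host bit of the covering network.
    host_bits = (low ^ high).bit_length()
    base = (low >> host_bits) << host_bits
    return ipaddress.ip_network((base, 32 - host_bits))

def describe(net):
    """Summarise a network the way it would be entered on an interface."""
    return {
        "cidr": str(net),
        "netmask": str(net.netmask),
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
        "addresses": net.num_addresses,
    }

LAN = "172.16.1.1/24"        # LAN range quoted in the thread
SERVER = "172.16.24.20"      # server address quoted in the thread

if __name__ == "__main__":
    # Current setup: the server is outside the LAN subnet.
    print("server on-link for", LAN, "->", on_link(LAN, SERVER))
    # Option 1: move the LAN to the server's /24 (constructed firewall IP).
    print("server on-link for 172.16.24.1/24 ->", on_link("172.16.24.1/24", SERVER))
    # Option 2: widen the LAN until it covers both ranges.
    print(describe(smallest_common_network(LAN, SERVER + "/32")))
```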

7 | pfSense English Support / NAT / Re: web server behind pfsense 2 firewall | on: April 23, 2012, 12:21:20 am

You have a couple of options:
- Use another interface for the server, better keeping servers separate anyway.
- Use VLANs, one for the current 172.16.1.1/24 and the other 172.16.24.20/32.
- Change the server IP or the network range so they are in the same range.
The pfSense book explains VLANs really well, but you do need a managed switch that supports VLANs, some say they do but don't do it very well.

8 | pfSense English Support / Installation and Upgrades / Re: HTTP 403 (Forbidden) Webgui | on: April 21, 2012, 02:18:55 pm

Not done a VM install, so not sure. Depends on what type of VM, how many ports, IP ranges you are using, and routing. A little piccy might help with the IPs.
VMs do have a nasty issue sending the response back via the interface's real IP rather than the VIP; this would mean ping would work, but HTTP or any TCP connection would fail.
Some things to try:
- Try a traceroute to both sides to see which way it goes.
- Try ssh admin@x.x.x.x pfsense using LAN IP; if that works then routing is not a problem to LAN.
- Try 'telnet x.x.x.x 80', LAN IP again. See if it connects; if it does then your browser is probably proxied. Take the proxy off and connect direct.

9 | pfSense English Support / Installation and Upgrades / Re: A quick Multi-NAT question? | on: April 21, 2012, 02:01:24 pm

This doesn't make much sense to me, need more info. A picture can say a thousand words.
Is the public 81.x.x.x on the WAN interface? The private 192.x.x.x on the LAN? Servers on the LAN?
Need a Forward rule for each server's service that you need to make visible on the WAN, Outside. You may also need a firewall rule to allow it. By default you have access outbound from the LAN to the WAN, but not inbound.
pfSense documents will tell you how. The book has even more info. http://doc.pfsense.org/index.php/Main_Page

11 | pfSense English Support / Installation and Upgrades / Re: HTTP 403 (Forbidden) Webgui | on: April 21, 2012, 01:29:48 pm

A little confused? Not sure what you enabled. Enabling ssh allows access on port 22 or other defined port for a terminal program. Selecting HTTPS allows secure browser access to the Web-configurator. If you haven't disabled the redirect, HTTP access will redirect you to HTTPS. Try HTTP again.

12 | pfSense English Support / NAT / Re: Several PPTP VPN Clients Under Network | on: April 21, 2012, 01:15:33 pm

You need a VIP for every PPTP connection.
Normal House routers use NAT because they usually have a single IP and need to access everything through that single IP.
If you are routing private addresses only then you can disable NAT, but if you have to go onto the internet they won't route so you have to NAT.
Thinking out loud here? Don't know enough about your system. Maybe if you put a diagram we could help. What did you use before pfSense, can you use that to terminate the PPTPs to, and then connect via IPSec inside? Chuck a Linux box outside and ssr each connection inside, not sure that'd work either?

14 | pfSense English Support / NAT / Re: Several PPTP VPN Clients Under Network | on: April 20, 2012, 07:05:35 pm

Well, not sure what you can do.
- Have you got spare public IPs lying around not being used, then use them.
- Don't NAT, but you would still need those spare IPs.
- Move to OpenVPN or IPsec.
Another rather obscure option: L2TP available from your ISP Vendor. Changing to OpenVPN seems the best and most secure option, IMO.