For just a single player with online gaming, and not much other traffic from your LAN at the same time, the SMC gateway that Comcast ships with their biz installs is actually quite a powerful little gateway.  The advantages of PFSense with its QoS will not come into play.  There are certain setups to setup your own router from behind the SMC so your own router gets the next static IP in your block, effectively bypassing the router/NAT features of the SMC, and if you use PFSense and you have quite a bit of other LAN traffic, the QoS/traffic shaping abilities that PFSense has will help out your online gaming quite a bit.

It would help if you provided a piece of the broken racoon.conf configuration file so we can see what causes the parse error.

Thanks for posting, as requested:
Apr 6 01:17:33    racoon: INFO: @(#)ipsec-tools 0.7.1 (http://ipsec-tools.sourceforge.net)
Apr 6 01:17:33    racoon: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
Apr 6 01:17:33    racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Apr 6 01:17:33    racoon: INFO: Resize address pool from 0 to 255
Apr 6 01:17:33    racoon: ERROR: /var/etc/racoon.conf:19: "d" syntax error
Apr 6 01:17:33    racoon: ERROR: fatal parse failure (1 errors)

Did you try and check the prefer older IPsec in the advanced tab?

I did not...I just went and looked for it..found it...put a check in it, save, went to services...tried to start Racoon, it still remains in a "stopped" status. 



Did not find time to rebuild over this past weekend. 

I set my update section in Updater Settings Update URL to look at: http://snapshots.pfsense.org/FreeBSD7/HEAD/_updaters

I notice that some version or build doesn't show up, it's hard to tell what I'm currently running, and what exactly is available.  Auto Update section commonly shows something like:

New version:     Thu Mar 19 20:36:33 EDT 2009
Current version: 2.0-ALPHA-ALPHA
Update source:   http://snapshots.pfsense.org/FreeBSD7/HEAD/_updaters

What are people doing to know what exact version they're currently running, and what's available.  Just remember the last date you invoked an upgrade, and look at the date stamp on the above?

Thanks for the reply.
I built it from scratch, no import of config from prior version.
I updated to the latest....still no luck, although I now have the failure to display the log that you mentioned.   

I'll try a fresh rebuild from scratch again this weekend.

Was running 1.2 for over a year at home, had a full time IPSec tunnel between it and my office, a Linksys/Cisco RV082 at the office.  Was running great, always up.

With 2.0...did same settings (I believe)..but cannot get the tunnel up.  In services I cannot get the Racoon service to start.

IPSec log snippet below....can anyone point me in a direction to correct this?

"Mar 19 15:00:58    racoon: INFO: @(#)ipsec-tools 0.7.1 (http://ipsec-tools.sourceforge.net)
Mar 19 15:00:58    racoon: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
Mar 19 15:00:58    racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Mar 19 15:00:58    racoon: INFO: Resize address pool from 0 to 255
Mar 19 15:00:58    racoon: ERROR: /var/etc/racoon.conf:21: "d" syntax error
Mar 19 15:00:58    racoon: ERROR: fatal parse failure (1 errors)"

Had similar issues myself, I recently replaced my old T22 Thinkpad laptop that was running PFSense 1.2, with the new 2.0 Alpha release on a faster T23 laptop.  They have onboard Intel NICs, and on the T23 I tried using a 3COM 656 cardbus...it was working, but sporadic disconnect issues.  I yanked it, slapped in a DLink PCMCIA NIC...reset PFSense to use it..and all is good.

Install the "BandwidthD" package....nicer details about "per user". 

Run through the traffic shaping wizard again....when you get to around the 5th or 6th page....which is named "Raise or lower other Applications"...stop there...scroll down the page...and give higher priority to the following:
StreamingMP3
RTSP
Web HTTP
and DNS

Complete and apply the wizard.

Comcasts monthly bandwidth caps is a whopping 250 gigs.  That's massively generous.  For monitoring, there is an add-on I run on my PFSense box, called "BandwidthD".  An easy to install plugin. Here's what it looks like...
http://bandwidthd.sourceforge.net/
You can install it right from your Packages link

I've never heard of any UTM features for PFSense.  Untangle is the newest UTM kid on the block, an incredible package, I've setup quite a few of those boxes.  But I run PFSense at home running from an old Thinkpad T22 p3 laptop...due to its QoS/Traffic Shaping to help my online gaming...and IPSec VPN support. Soon as they add IPSec support to Untangle though..I'll probably go over to that. 

Endian, and IPCop with the Copfilter add-on, are some other UTM distros you might peek at if UTM features are a need.

The above hardware you spec'd is way overkill for PFSense, but if you don't mind the noise, space taken up, electric bill, etc...hey, go for it. 

Can you please tell how you configured untangle in bridge mode?How do you define in/out interfaces?

in - from already existing firewall/router(pfsense)
out - to the LAN

The same wiki link as above.  Just follow the easy peasy setup install wizard in Untangle, placed behind your router..when you select bridge mode in the hand holding install wizard..it takes care of all the settings for you.

Can you guys please explain or give an example of how you have this setup as transparent bridge?  I guess what I am not clear on is how you set the ip's up.  Thank you.

During the install/setup of Untangle...the wizard will ask you what mode you will run it in..as your router, or as a bridge.  Select bridge.  You use both NICs..but during this wizard, it bridges in the internal NIC with the external NIC. 

See 1/2 down this part of their WiKi
http://wiki.untangle.com/index.php/Introduction#Supported_Configurations

It's a UTM distro (Unified Threat Management), would be compared against Endian, or IPCop with the Copfilter add-on, or Astaro..as they are UTM distros.  PFSense is not one.

I install Untangle at my clients in full router/gateway mode...not bridged, I'm not a fan of layering firewalls.  I run PFSense at home due to its superior traffic shaping/QoS, and IPSec support..which currently...Untangle has no IPSec support, only OpenVPN.  But...IPSec support is comin soon.  As well as the slow pokey java management console is going away, soon will be all web based.

Try the "BandwidthD" plugin.

I'd say way more than enough power.  You want that much power, electricity, heat, noise?

PFSense is not a UTM appliance, doesn't need a lot of power.  I've played with a lot of hardware and various *nix distros, I've come back to PFSense....because of QoS features.  I run it on one of my old IBM Thinkpad laptops, a mid-range P3.  Only 256 megs of RAM.  Onboad Intel NIC, I stuck in a Linksys PCMCIA NIC...she runs great.  5x users in the house..2 of which are VERY heavy users.  Plus I have an IPSec VPN tunnel to my office, do a lot of other VPNs to other clients.  8 meg connection.  Under the heaviest of loads on the network...I never got CPU utilization above 35%.

Laptop..nice and small, quiet.