Problem solved: created an outbound NAT rule on interface A that replaced the source address with that of interface B for certain destinations. Since the two interfaces share the same gateway this was not an issue for the ISP - it doesn't care on what PPPoE session a request came from as long as the originating IP address is allowed through the default gateway.

That was really just a dirty hack to get them all up and running quickly because I had to replace the old failing network equipment (their entire network was still running on 10BASE-T). I will be looking to rework the setup when I have more time (Xmas is always busiest for us). Thanks for the idea though, will defo look into it.

@johnpoz Thanks. (Found it by miself :)

Still an issue?

no gateway option, you can use the 'interface' option on either wan & it'll bypass policy routing if you don't use any wacky floating rules curl --interface em0

okay makes sense.. I'm surprised they use a rfc 1918 address but I guess the ISP can use whatever they want on their internal network.

Yeah. It probably wasn't the reboot. Maybe pre-existing states or something.

-bump- Hello All, I just wanted to bump my old topic, to see if anyone has had a similar need / if anyone has architected anything similar to what we're trying to achieve. Any assistance would be appreciated!

I tried that but when a go to Routing > static routes, and select the gateway options, the gateway group i have created with the two routers does not appear on the list. I have pfsense version 2.4.3.

@Kartoff just to test if that is part of the problem but it isn't. new development: It seems the problem is on the side of PIA. I have added a gateway group and set it up to use PIA and NordVPN as a fallback and now it is running on NordVPN without a problem. Another thread on this forum suggested that some PIA users are using the service to spam this very forum which is why some IPs seem to be banned. My humble attempt of an explanation is this: It seems reasonable to assume that PIA is having server issues and their servers are going down due to excessive load from spam activities. If the server that I am connected to is going down, then my connection would go down with it and not recover.

Thanks for confirmation of what I feared! :)

Thanks a lot, for your help. I will try it with /23

Hello, I have exactly the same issu. This causes a lot of problems in my network. Please help

sticky connections don't work and I have a lot of problems with expired sessions (banks and many others sites). Yes they do. Sticky connections are more a potential solution for load balancing setups than failover.