glad that i was able to help

it seems to be fine.

Yes this does work. I used this to stream media via a VPN to a PS3. Fram what i can read in your config: Did you configure the same subnets on both interfaces? You can only have one(or multiple) subnet(s) upstream and one(or multiple) subnets downstream. But not the same subnet up and downstream.

Hi jundi49, I'm on a train heading back home. I'll be glad to post some screenshots on how to set that up tomorrow from the my office. Meen while, what games are you going to play? You'll have to setup outgoing rules from the LAN interface (or whatever IF the connection is being originated from) and select different GATEWAYS depending on the destination IP & PORT. Example: Src: LAN Subnet. Src Port: ANY Dst: ANY Dst Port: 80 /443. GW: Web browsing gateway. (aca GW1) Src: LAN Subnet. Src Port: ANY Dst: Gaming Server IP Dst Port: ANY GW: Gaming gateway. (aca GW2) This would send web traffic through GW1 and gaming traffic through GW2. Maybe it sounds a little fussy but it's not hard at all. As soon as I can, I'll post a couple of images you'll understand right away. (If you haven't already.) Regards, Joel.

Hi, a VLAN swiktch should work. Perhaps you can buy a DUAL- or QUAD-port NIC

you got it right, no problems

Reason is stated earlier but I'll explain further… I have a LAN provider who gives me 100Mbps download but only 10Mbps upload. They provide me with five IP-addresses through DHCP and each of the IPs each get 10Mbps of upload. Since they give me IP-addresses from a /16 net I get the same gateway on all IPs. This means if I put a firewall with five WAN-addresses and load-balance them I get 50Mbps upload. It works with 1.2.3, not flawless but it works, and I have also used Shorewall to do this job and am now asking you if I can do this with pfsense 2.0? I'm currently trying to provide enough bandwidth to host a couple of game servers and really need the extra 30-40Mbps I'm trying to get here. Sorry if I don't make any sense...

I'm not quite sure that sticky option would work for Hotmail (http is stateless), since according to OpenBSD's pf faq: This "sticky connection" will exist as long as there are states that refer to this connection. Once the states expire, so will the sticky connection. Further connections from that host will be redirected to the next web server in the round robin. I also am still unclear about the status of "sticky" feature, since until recently there were reports of problems, and 148290 is still listed as unresolved in the Current problem reports assigned to freebsd-pf@FreeBSD.org

Is this for your own network, or some service you're providing to others? (if the former, the obvious solution would be to generate all your P2P traffic on a certain host or subnet) You seem to be asking about policy routing based on daily quota per IP. I don't know if that is possible with pfsense. Also the consensus seems to be that L7 identification of torrents is very hard. Since you are in such a hurry, perhaps a simpler approach would suffice e.g. put all "used" ports (dns, ssh, smtp, imap, pop3, etc) into an alias and route them via WAN2 (cable), but  change default gw to WAN (adsl) so everything else (which by default includes P2P traffic) will flow via the uncapped connection.

What is confusing about the guide here? http://doc.pfsense.org/index.php/Multi-WAN_2.0 It specifically mentions what all you need to put in firewall rules here: http://doc.pfsense.org/index.php/Multi-WAN_2.0#Firewall_Rules As for HTTPS, which is the only thing that some people need to handle specially (not everyone), either using sticky connections (in advanced opts.) or a separate failover group for HTTPS traffic will do the job. I'm not aware of anyone needing to handle SSH any differently, unless a remote site was limiting access for SSH to only one of your multiple WANs, then you'd just need a policy route to force SSH out that specific WAN… Again, not something that most people would need to worry about.

Create the second wan at Pfsense. Assign ip/gateway at gui. Create two failover like wan-> wan2 and wan2 -> wan Assing gateway to your rules.

Hello, I think that you should use the third port of the Alix for both the second WAN and Captive portal, as long as you configure VLANs on it. This article http://doc.pfsense.org/index.php/Multi-WAN_using_VLANs_with_pfSense(and help from members here) helped me with my setup, which it is similar to yours. Kostas

PPPoA o PPPoE ?.. I'm using last release 2… I try to search.. thaks!

Problem solved!! Thank you very much.

System: Advanced: Firewall and NAT:disable firewall

nevermind … picnic error

When you hit +, it may have latched onto the OpenVPN interface and did something there. If it's restarted (even just the openvpn process) on R2 it may come back up. That's just how the assign interfaces bit works, you hit + and it grabs the next available interface, then you can change it and save to pick a different one if that isn't right.