I think this is theoretically possible with OpenVPN bridge mode (or EoIP), though I don't think it would work with pfSense. I've posted on this previously. Try this thread for more details: http://forum.pfsense.org/index.php/topic,16641.0.html

if you may, can u post how did u solve that ?

You will also need a route for the 10.11.1.0/24 and 10.11.2.0/24 network on the 192.168.1.16 router. (pointing to the pfSense LAN IP address) A default route works to if you don't already have one. Otherwise you're traffic will make it to the destination, but the 192.168.1.16 router wont know where to send the return traffic. That would fit your symptoms. Clients on the same network as the router can communicate successfully because the router knows it's attached to 192.168.1.0/24 pfSense is forwarding traffic from it's 10 networks to that address and the router doesn't have any entry in it's routing table for returning traffic so you don't have connectivity.

I hade the same problem, this is what fixed it for me. In Firewall Rules OPT1….changed Gateway from OPT1 to Default In System Static routes......made a static route for OPT1 to DNS Server For uTorrent you might need 6969 Torrent Connection Port in Firewall Rules. These changes fixed all the problems I had with port forwarding and failover. Hope this helps. (pfsense is awsome, thanks to all the developers and programers.)

Because you didnt click the "Virtual Servers" tab.

Ok thanks for the quick reply :) Gotta try this jigp Davao City 1.2.x

Ahh okay wireless. Thanks for the tips guys :) Good morning jigp Davao City 1.2.2

Good morning. Configure your isp router then nest is your pfsense. I use LAN in squid not WAN. jigp Davao City 1.2.2

This: http://www.pfsense.org/index.php?option=com_content&task=view&id=52&Itemid=49 should help you to find adequate hardware for your needs. Just two lines with a total ~30Mbit shouldnt require too much of hardware. An ALIX would be probably enough: http://pcengines.ch/alix.htm

Which static routes are you talking about now? I mean the static route for the DNS servers for each link. This is described in this howto: http://doc.pfsense.org/index.php/MultiWanVersion1.2#Setting_up_DNS_for_Load_Balancing You dont need a static route for the monitor IP: Such a static route is added automatically behind the scene.

Yellow means the status of the link changed within the last few minutes. (i think 5 minutes)

@GruensFroeschli: Now that i think about it some more. If you add another interface (and another subnet) and move the servers to this separate subnet (basically create a DMZ). Shouldnt "true" NAT from LAN to OPT be possible? –> Server loadbalancing should be possible again. So what I'm gathering here is that the load balancing basically needs NAT to work? Is that correct? Putting it on a separate subnet is not a bad idea; in fact for this particular application, it makes a lot of sense, since it's going to be "clients" connecting through a VPN. Even though I'm limiting what they can access, I have been mulling around the idea of separating the services they connect to to a completely different network (either with VLAN, or physically separate; it's a tiny network). If this would solve the load balancer issue it would be another reason to do this.

@GruensFroeschli: NAT rules are used to forward and modify packets inbound. Did i get that right, that you're talking about outbound traffic? scrap the NAT rules and create policy routing firewall rules. Make sure that your new firewall rules are above your loadbalancing rule. thanks that was simple i was thinking the wrong way. when i have more wan's and i want one ip adres (internet) blocked by wan2 and the others round robin where can i configure this ?