• Dual wan internet and private link

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    C

    You can't use PPPoE on more than one WAN. You'll need a modem to do the PPPoE on the second link.

  • Static raoue issue

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    GruensFroeschliG

    As i've wrote before: If you have only one rule with as source your LAN subnet, the traffic has to be dropped since it doesnt match the allow rule.
    I'm talking here about FIREWALL rules. Not routes.

    (there is an invisible "block all"-rule at the very bottom of the rule list)

    create a rule that allows traffic from your VPN subnet.

  • Dual WAN ADSL / Cable Modem HowTo

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    GruensFroeschliG

    adsl on WAN (to be able to use PPPoE)
    cable on opt1
    Setup both as dhcp.

    If you want to exclude certain traffic from being balanced just create a rule above your balancing rule with as gateway your interface you want it routed to.

    Rregarding the plan on adding PPPoE support on OPT interfaces:
    Search the forum. Somewhere is a thread about that.

  • Dual Wan Question - Routing traffic

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    GruensFroeschliG

    1: Create two aliases. Aach contains all the IP's you want to have together in a group.
    2: Create two rules that are above the default allow all rule.
    3: Set as source in each rule the alias with your IP's.
    4: Destination should stay in every rule on *
    5: Set as gateway WAN respectively OPT1
    6: Leave in the default rule the gateway on *

  • Port forwarding on WAN and OPT1 same port, same host…

    Locked
    13
    0 Votes
    13 Posts
    6k Views
    G

    Hi all,

    I finally had to rely on policy routing.  pfSense didn't seem to be able to cut it without helping it with policy routing.  Had to add secondary addresses to all of my servers, primary address "pointing" to virtual address on provider 1 ("old" provider), secondary to provider 2 (the new provider).  Then i added rules for policy routing.

    I couldn't get the PPTP server to work on the OPT2 (interface to new provider).  Wasn't a big deal because i replaced the "temporary" 4 interfaces firewall with a new 3 interfaces one once changes to DNS propagated.  I relied on SSH + port forwarding to access my servers while the 4 interfaces firewall was on duty.

    I'll probably make more testing with a simulated network inside VMWare.  I'm now searching for a kind of "network director", hopefully a pfSense software plugin that would limit the number of video streaming connections when bandwidth is getting maxed out.  Ideally, the client that wouldn't be able to connect because of BW exhaustion should be redirected to a WEB page instructing him to try to connect later.  I already use the excellent traffic shaper of pfSense but that is not enough when bandwidth is getting fully used.

  • Newbie from India. Help on Triple WAN

    Locked
    10
    0 Votes
    10 Posts
    5k Views
    S

    Thanks! It works!

    So basically in the failover pool, I always use 2 interfaces in a circle, eg. wan1-wan2. wan2-wan3, wan3-wan4, wan4-wan1

    I will bet getting 2 more ISP links next week or so. I will try this then. Till then, I will test this now :D

    Thanks a ton once again  :-*

  • Added Static Routes, but still no go!

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    D

    look my reply at
    http://forum.pfsense.org/index.php/topic,6198.0/topicseen.html

  • Confused newb

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    C

    @bruffterman:

    Sorry, i'm sure this is covered in the manual and such somewhere, but i'm not too familiar with all the technical language when it comes to networking, and I wouldn't know what to look for.

    First off how low down does the load balancing work? is it at the packet level or would that not work? What I mean is say, you were running a single program with a single connection to a server, like streaming a video, or playing a game online, would that program benefit from the increased speed of the load balancing, or would all that data be routed over only one connection? Also what about usenet (multiple connections to the same server) or bittorrent?

    It's per-connection. You can achieve the aggregate speed when using multiple connections (like with a download manager), but not a single connection (like a HTTP download). That's because of the way TCP/IP works, a single session must be sourced from the same IP, hence it has to stay on one WAN interface.

    @bruffterman:

    So I wondered if by building a server with 2 or 3 NICs each with their own IP address (do they have to be static or does DHCP work?) I could load balance the connections and thus get an overall faster connection speed.

    Also as far as trying to do things legitimately is concerned, is it likely that the capping is applied per IP address, or MAC address or session ID or what? What I'm wondering is if there is any easy way for the University to be able to charge for a fast connection on a case by case basis, if so a petition for this to be done could be a good idea.

    There are countless reasons it could be slow, and countless ways they could be rate limiting traffic. It's possible to use multi-WAN with however many ports you want, static IP or DHCP, but there's no way for us to know if that's going to improve anything. I'd say it's a toss up.

  • WAN problem

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    W

    Did you find a solution to this problem? I am running into the same problem.

  • Again, Dual WAN, VPN - some questions

    Locked
    7
    0 Votes
    7 Posts
    3k Views
    D

    Hi there, i tried it with the 1.2 RC2 Version, then everything wrked fine - no problems with blocked vpn traffic anymore :)

  • Redirect Traffic…

    Locked
    6
    0 Votes
    6 Posts
    5k Views
    S

    All working :)

    For anyone that is interested:

    I configured a Load Balancing Gateway pool, set up with any interface and a monitor IP of the proxy server.
    I edited config.xml, and changed the interface in the pool above to the IP address of the proxy server. Reupload if edited offline, just reboot if edited on the server.
    Configure squid to run transparently on a port other than 80. I chose 3128 (the default) "http_port 192.168.10.246:3128 transparent" in Squid 2.6.
    Configure a NAT rule to redirect requests on port 80 to the port you chose above. dwadson post a linux rule below, under Solaris I used:

    rdr bge0 0.0.0.0/0 port 80 -> 192.168.10.246 port 3128

    Start Squid and enjoy :)

  • Pfsense as openvpn client and wireless network

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Load Balancing oddity

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Splitting clients depending on what port they access to. Possible?

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    S

    [a] WAN2 needs to be something like 192.168.100.99/24 with gateway 192.168.100.100; it CANNOT be in the same subnet as your LAN.

    **TO get all your http traffic to use WAN, set up an ALLOW rule in the LAN interface

    Interface: LAN
    Protocol: TCP
    Source IP : ANY
    SOurce Port: ANY
    Dest IP: IP
    Dest Port:80
    Gateway: WAN**

  • All Games to WAN2; others to WAN! But how?!

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    GruensFroeschliG

    search for "policy based routing"
    –> http://doc.pfsense.org/index.php/What_is_policy_routing%3F

  • Dual-WAN design with pfsense (and two noobies =\)

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Help with Multiple WAN setup.

    Locked
    64
    0 Votes
    64 Posts
    39k Views
    S

    Leimrod you made my day! I was struggling to get this multi WAN thing setup. I had results with the dual WAN but I have 3 DSLs now and am getting another 2 in the next few days. Went through your posts and lo, I am on a 3 DSL loadbalanced network and everything works. Now I will try to get my uTorrent to work but if it does not, I will put a direct link to it on one of my DSL routers and have it done ;-)

    Thanks to all mods who helped Leimrod and indirectly helped everyone else :)

  • Dual WAN setup: 1-1 NAT only working on WAN and not on OPT1

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    C

    Please do not duplicate posts.

  • Configure DSL on 2nd WAN port {PPPOE/PPTP/etc}

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    C

    @GruensFroeschli:

    @nixgeek:

    I didn't want the DSL to be the primary WAN by default.
    Only to be used for failover, or for specific traffic. Guess I
    will have to wait.

    You dont need to have WAN as default.
    Default is what you define as default in the firewall rules on LAN-tab.
    Just set your OPT1 as default…

    Exactly, the WAN is only the default and not easily changed for traffic originating from the firewall itself (which in a normal policy routing configuration isn't much - DNS forwarder if you use it, and NTP if you use servers on the Internet).

  • How to configure dual wan

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    P

    http://doc.pfsense.org/index.php/MultiWanVersion1.2

    Please search before asking…..

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.