• Captive default route

    Locked
    11
    0 Votes
    11 Posts
    4k Views
    P

    You must have arp/IP conflicts of some kind

    I'm pretty sure not.

    you have misconfigured something wrong

    But I could easily imagine that to be so  ;)

  • Load balancing 3wan ok But > 5wan not ok

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    H

    As it is/was a state issue have a look at firewall optimizations at system>advanced. "Aggressive" might be worth a shot too (additional to the larger statelimit). It will help keeping the amount of states lower than with the default optimizations. You even can finetune this by using the advanced options that hide behind advanced buttons when you edit a firewallrule to set statelimits/timeouts per port, per source, destination…whatever.

  • [ssh connection broke]

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    R

    Yes it work fine with this option activated.

    Thanks !

    regards,
    ronan.

  • Basic Dual WAN setup help

    Locked
    15
    0 Votes
    15 Posts
    6k Views
    H

    When using loadbalancing you won't see the pfSense in a traceroute. It's forwarded firectly to the upstream gateway of the interface. This is normal and no evidence that pfSense doesn't work. Can be as well be your upstream gateway on that interface or something else. Not sure what to  say besides make sure you are on the latest snaphsot and maybe restart the configuration from scratch. You must have something wrong. Even if that link is down and your monitoring is set up correctly it should work as this link then gets excluded automatically within 5 seconds.

  • Proxy and land subnets

    Locked
    10
    0 Votes
    10 Posts
    4k Views
    H

    Good to hear  :D

  • Multiple wan

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    H

    You got the idea  :D

  • DUAL WAN / Loadbalancing ~ problems

    Locked
    13
    0 Votes
    13 Posts
    5k Views
    R

    Thank you for your reply.

    What i mean with firewall rules don't working after loadbalancing, i mean:
    I tryed to portforward like your example and that doesn't work.

    Anyway i also tryed the loadbalancing but it isn't what i expected (like the traffic shaper doesn't work with more then 2 lan/wan's)

    But maybe a stupid question can you made for me a (example) config file with the next features:

    Dual Wan
    IP 10.1.1.10
    gateway 10.1.1.1

    IP 192.168.1.4
    gateway 192.168.1.1

    Single lan

    IP 10.10.0.1
    DHCP

    With firewall rules :

    Incoming:
    port 21 on gateway 10.1.1.10 goto lan ip 10.10.0.20
    RDP client on gateway 192.168.1.1 goto lan ip 10.10.0.20

    Outgoing:
    port 80 from lan ip 10.10.0.20 works with gateway 10.1.1.10
    Port 80 from lan ip 10.10.0.21 works with gateway 192.168.1.1

    Why? becuase i tryed this but it doesn't work after using the loadbalacing settings.

    Thank you!

  • Dual DSL WAN Setup

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    M

    its not so much a pppoa problem, as pppoe works as well.

  • Two PPOE usernames/passwords

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H

    Backup/Restore is the only way to do this atm. Backuparea "Interfaces" should be enough for this.

  • Firewall rules set to balancer for gateway block all

    Locked
    7
    0 Votes
    7 Posts
    3k Views
    H

    Make sure you monitor IPs actually respond to pings.

  • 100 percent CPU usage with second WAN

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H

    run "top" at diagnostics>command. Show us the output to see what process is using up the CPU.

  • Any Idea

    Locked
    23
    0 Votes
    23 Posts
    10k Views
    H

    Depending on your needs grab a 10/100 or 10/100/1000. Intel cards are supported pretty good by freebsd. If you don't have need for a multiportcard you should be able to get them for small money.

  • Problem with Routing from OPT1 Interface

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    H

    Have you tried VIP type carp already?

  • Mime type

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H

    Not really, this is all traffic on port 80/http. There is no proxy that is inspecting the packets to make a difference here. Also a single connection can only run at a single WAN, so unless you use a downloadmanager it won't help you with a single client and a single download. Multiple downloads or multiple clients of course can take advantage of the loadbalancing.

    Please search the forum on how the multiwan does the loadbalancing. It has been extensively discussed before.

  • Inbound Load Balancing with Authoritive DNS

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    H

    You have to make the clients to connect to different public IPs. This is not what pfSense calls inbound loadbalancing. Inbound is distributing requests that come in on one interface to multiple servers. What you need is making the clients use different WANs (public IPs) to connect to. You need a DNS-Server that resolves the DNS for the terminalserver each time to the next of your wan IPs. pfSense can handle different WANs but it can't do the job of the DNS that resolves the requests. You need a DNS solution for this on top of your multiwan pfSense.

  • Problems with OPT1

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    H

    From your original post your LAN and WAN is the same subnet and even interface IPs are the same IP.

    @Sulti:

    LAN IP: 10.100.1.1/24

    WAN IP: 10.100.1.1/24
    OPT1 as WAN2 IP: 10.100.2.1/24

    Besides that I don't see a problem with your setup unless you have some typos somewhere.

  • Dual wan DSL and wireless

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    R

    @hoba:

    Btw, you want to abuse your neighbours unsecured wireless accesspoint as additional wan?  ;D

    OH NO, not me! That would be wrong. :-X

  • Routing trafic to other server

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    L

    Hi.

    Well, i did the following two things, don't really know which one solved the problem, but it's solved: upgrade firmware to RC2 (was running RC1) and the following setting checked in Advanced:
    Bypass firewall rules for traffic on the same interface
    (This option only applies if you have defined one or more static routes. If it is enabled, traffic that enters and leaves through the same interface will not be checked by the firewall. This may be desirable in some situations where multiple subnets are connected to the same interface.)
    Best wishes.

  • OLSRD crashing

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    S

    64 megs does not run, period.  The webConfigurator is not designed to do so.

    No it cannot be easily changed and we do not have plans to do so.

    64 megabye machines need m0n0wall, period.

  • Noob with routing problem

    Locked
    4
    0 Votes
    4 Posts
    2k Views
    H

    This is one possible solution to the problem. Other solution would be to add a route at the w2k server box and still use it as default gateway (which saves you one hop for clients in the intranet going to WAN and which also will make clients in intranet unaware of a failure of the pfSense when going to the internet). However if this works best for you or is the easiest way to configure it go along with it. Alternatively you could add routes at the single clients that need to talk to the servers behind the pfSense. A third not yet mentioned solution would be a 3 interface pfSense at the intranets WAN with the servers behind a 3rd interface. This way the pfSense would be the default gateway for every client/server and it has all the routes would route without touching anything at client or server side. I would prefer the 3 interface attempt with the pfSense sitting at the real WAN but like I said, what ever works best for you.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.