• 0 Votes
    1 Posts
    3k Views
    No one has replied
  • Read everything still no success

    Locked
    7
    0 Votes
    7 Posts
    4k Views
    B

    @terminaladdict:

    running beta2 on DOM

    will the config be seamless?
    can I install on another DOM … boot, then load my saved config
    I assume the config defines interfaces rules, ipsec settings, static routes .. everything

    no idea what DOM is, but you can restore your config.xml from beta2 to a beta4 or RC1 box.  You will want to remove the load balancer config and recreate it.  There were MAJOR load balancer fixes after beta2
    Beta 3 summary: http://hitormiss.ucsecurity.com/index.php/2006/04/17/pfsense-10beta-3-is-out/
    Beta 4 changelog (on vacation, I didn't write a summary): http://cvstrac.pfsense.com/rptview?rn=24
    RC1 changelog (not yet released): http://cvstrac.pfsense.com/rptview?rn=25

    –Bill

  • Cannot access FTP server

    Locked
    8
    0 Votes
    8 Posts
    5k Views
    N

    OK. Just in case anyone does develop something regarding multi-wan FTP, I'm willing to do the tests.

  • LoadBalancing - Problems accessing secure web sites

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    S

    Better yet, create an alias called cannot_balance or something similar and create a rule to force the traffic out a specific gateway.  Whenever you encounter a site that doesn't work very well simply add it to the alias.  Easier than adding rules for every edge case.

  • Bridge or not?

    Locked
    9
    0 Votes
    9 Posts
    5k Views
    N

    Will double NAT not have any latency issue?

    One question, I would like to understand the following sentence, which appears on the "Firewall: NAT: Outbound" page.
    "With advanced outbound NAT disabled, a mapping is automatically created for each interface's subnet (except WAN)."

    Since I haven't enabled NAT at all yet, pfSense is supposed to be generating the necessary mappings. However, pfSense is not supposed to be creating mappings for the WAN interface (as stated in the quoted sentence). But then, how come I can access the Internet via the WAN interface?
    That's the only interface where I currently require NAT to function.

    By the way, I don't have a router "in front of me". The pfSense firewall is actually "in front of me" and is acting as a router/firewall.
    Note that 10.0.2.0/16 and 10.0.3.0/16 are the same subnet 10.0.0.0/16.

    Also, I'm not using a DMZ. Hence, I couldn't really grasp what you meant by "Using the DMZ IP for the pfSense WAN forwards everything to the pfSense and you have full controll there.". Can you please elaborate?

  • Default gateway by source?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S

    Routing is done via firewall rules (policy routing).  So I don't see why not.  Check out the multi WAN tutorial and how-to's on the website.

  • Routing problem

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    S

    http://faq.pfsense.com/index.php?action=artikel&cat=1&id=162&artlang=en&highlight=disable%20nat

  • Routing and priorities

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    H

    Firewallrules will only let the traffic through you specify, so no, unless you set it up wrong it won't route the whole internet ;-)

  • 2 Wan Routing By IP

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    H

    If this server is accepting natted connections from the outside it will stay on the wan the connection was established.

    To make sure any other traffic from this IP will always run on a specific WAN create a pass rule with source <ip-gameserver>port <any>destination <any>port <any>gateway <preferred wan="">You can add those rules depending on püort, destination, source….the gateway specified is the WAN that will be used outbound. This way you can send specific traffic to WAN1, other traffic to WAN2 and the rest loadbalanced between WAN1/WAN2.

    Make sure you have correct order of the rules as the rules are applied on a first match basis.</preferred></any></any></any></ip-gameserver>

  • LAN/OPT1 client ping through WAN -> host unreachable.

    Locked
    18
    0 Votes
    18 Posts
    14k Views
    N

    @hoba:

    I'm not sure if this will show up there if you use a mode other than accesspoint.

    I assume that you didn't believe me when I said that my WISP is broadcasting it's MAC
    addresses.
    However you can check it here on this link www.panonnet.net/
    Please click on 'MAPA' at the bottom of the page.

  • Routing on LAN

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    Y

    Ah, damn, I feel like a dumbass. I don't need to be up this late, haha. Network 192.168.0.0 is on a router on the LAN interface. The LAN interface network is 10.0.201.0

  • One SYN packet 2 SYN-ACK replies

    Locked
    13
    0 Votes
    13 Posts
    7k Views
    T

    Dear Group,
    I appreciate your help, I am still having the same issue I can't seem to resolve, duplicate SYN ACKS  ???
    Anyway my rules could be at fault ?

  • Dual wan + transparent bridge

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    B

    @vd:

    Thanks for you answer. I really thought that pfsense could be a solution for my problem. What a pity.

    Thanks anyway

    Regards

    Vincent

    Replace the watchguard with pfsense?

    –Bill

  • Load balance dude

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    O

    Ok, a lot of thanks  ;D

  • How to Route (not NAT) from LAN to WAN?

    Locked
    9
    0 Votes
    9 Posts
    7k Views
    H

    You have to add multiple VIPs at wan and then use 1:1 NAT to translate the IP-Ranges. However this is extremely "dirty" but if that's your only way to do it…  :-
    I guess you need "ProxyARP" or "CARP" as type "other" doesn't involve macreplies.

  • Dual WAN –> Spread web server traffic between both connections

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    S

    @RoboK:

    HI, what abou t your problem with FTP. I have the some problem with listing FTP site if I ahve configured and working Load Balancing. Any ideas to resolve it?

    FAQ.  FTP does NOT work with load balancing.  Search the faq before asking questions.

  • Load Balancing on a http proxy server

    Locked
    12
    0 Votes
    12 Posts
    9k Views
    H
    you can put as many IPs in the pool your hardware can handle (nics, cpu-power,…) It's plain roundrobin. You can fake some "weighting" by entering some of the gateway IPs twice in the pool (A,A,A,B if you want it weighted 3:1 for example), and yes, already established connections will remain at the same gateway they were originally initiated.
  • Errors Loading Rules

    Locked
    11
    0 Votes
    11 Posts
    7k Views
    I

    Thank you CraigRoy for your detailed description.
    I was fighting with the same problem and finally your case study helped me to solve it.

  • Configuring OLSR HNA (dynamic internet gateway)

    Locked
    2
    0 Votes
    2 Posts
    4k Views
    P

    Solved/moved:
    http://forum.pfsense.org/index.php?topic=677.msg6547#msg6547

  • Dual wan

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    H

    Turned out to be only a matter of the way it was tested. It seems that it worked right from the start :)

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.