Thank you for responding Pat. I'll start with some background. I have a 4 port NIC assigned as WAN1, WAN2, OPT1, and OPT2. OPT1 and OPT2 are in a LAN bridge in case I needed another LAN port for whatever reason. [image: 1550730710805-interface-assignments-resized.png] [image: 1550730780885-bridges-resized.png] Here are the interfaces in my dashboard. [image: 1550731230722-interfaces-edit.png] To answer your first two questions, both WANs are seen as a DHCP connection as shown. [image: 1550730978183-gateways-edit-resized.png] This is the gateway group I have. [image: 1550731101510-gateway-group-resized.png] The firewall rule for the LANBRIDGE interface (my LAN) is set to use the gateway group I named "Failover". [image: 1550731056079-firewall-rule-resized.png] This is where I think the problem may lie but I'm not sure. Here are some of the thresholds for Gateway 1 (Comcast). [image: 1550731185175-gateway-1-thresholds-resized.png] Since WAN2 wasn't working as a failover, I instructed the client to simply use the SSID from the AT&T 4G gateway modem so they can have something. I haven't yet put the AT&T into bridge mode yet as there doesn't seem to be a "proper" way to do it. It seems the true WAN IP won't for this 4G modem won't be on the WAN2 interface unless we pay for a static IP, but either way, double-NATing shouldn't be a problem as all the client needs is a simple internet connection to function. If it was working correctly I would have disabled the WIFI on the AT&T device (actually not sure if it will even let me. This thing is pretty locked down.) Please let me know what you think of if there are any other pieces of information that would help in solving this issue. Thanks in advance!

@KOM Ok, thanks. Let me give that a try. Jeff

@rookiee Of course. Not matter WAN assigned IP dinamically or static. https://docs.netgate.com/pfsense/en/latest/routing/multi-wan.html Gabriel

Yes. Then number the interface with one of the addresses, and number the hosts with one of the addresses with the corresponding pfSense interface as its gateway. If any two of those are contiguous you can combine them on one interface as a /26.

Not sure if ping utility bypasses it, but uncheck "block RFC 1918" at bottom of WAN interface screen. Also you need FW Rule to ensure traffic for 192.168.216.0 does not go via the WAN Gateway.

I just now got a LB2120 LTE modem plugged into OPT1with the same scenario. Gateway is online for main ISP WAN but offline for LTE WAN2. I can place in load balancing with both on Tier1 and WAN2 pulls data, I can connect it to the WAN by itself and it works just fine however it always is stated as the gateway offline. Have you by chance found a solution to your problem or an adjustment to the gateway monitor? UPDATE: First off, just figured out that LTE networks only use carrier grade NAT which means even if you place your LTE modem in bridged mode, you're still in their network and not truly going to pull a public IP. Ugh. Their network is an IPv6 with IPv4 network translation. I do get a IPv6 with some configuring but without majorly adjusting settings within pfSense and I need IPv4 anyway. Now to answer your question, since we're still in a carrier grade NAT even in bridged mode, pfSense will say offline. Since the LTE modem is the failover and if neither WAN or WAN2 work then I'm toast I just set the WAN2 to not be monitored and failover works. Go to: System -> Routing -> Gateways and edit WAN2 gateway and next to Gateway Monitoring check to disable.

Turns out it wasn't even a routing issue after all. I had a switch that was running in my patch panel that when connected to the network causes the packet loss, very odd. No idea why the new router fixed it temporarily. Guess I'll set pfsense back up.

@vernichter said in Pfsense on ionos with /32 subnet and gateway in other network: a looped back NS message is dectected during DAD for fe80:xxxxxxxx. Anoter DAD probes are being sent Check this thread :) https://forum.netgate.com/topic/98857/a-looped-back-ns-message-is-detected-during-dad

depends on the dhcpd that is serving your leases..

LOL yes it was that my captive portal was blocking the entire thing. Can be closed :)

You might be getting a multicast flood, When you connect the cable to switch C, do you have constant traffic on the indicator? If so, then your vlans are bridged at two points and a loop is created.