• BGP Route sharing between IPSec tunnels

    3
    0 Votes
    3 Posts
    599 Views
    A

    Yeah, that's already done. It works great with the Cisco CSR 1000v devices but I can't seem to figure out how to make it work properly within pfSense.

  • BGP: kernel arpresolve

    2
    0 Votes
    2 Posts
    672 Views
    R

    Were you ever able to figure out the cause of this?

    I'm experiencing the same issue.

  • Firewall Rules w/ Advanced Options: Gateway slows traffic

    1
    0 Votes
    1 Posts
    292 Views
    No one has replied
  • Unknown static route

    6
    0 Votes
    6 Posts
    726 Views
    DerelictD

    Yeah there must be something somewhere that doesn't clear that in certain cases. I have only seen the end result - never the actual event - and then only a couple of times.

    Glad it worked.

  • Website Access through IPSEC VPN

    6
    0 Votes
    6 Posts
    480 Views
    P

    The answer was indeed a missing NAT entry on the main office's firewall.

    Thanks.

  • WAN ISP insists on DHCP for static IPs

    10
    0 Votes
    10 Posts
    1k Views
    V

    I got an idea from a Reddit user:

    have a device on the network spoof the MAC of your WAN interface and do a DHCP request on a schedule

    This sounds like it could work.  Could I use something like a packet squirrel that would run a script, every day it could spoof the required MACs, do a DHCP request, then go dormant until the next day?

    Since I have a switch on the WAN side to split the WAN to the two firewalls, I could just plug it into that switch.  It would pull all three necessary IPs once per day.

  • PfSense as a DHCP relay routing to the same subnet / network conflicts

    2
    0 Votes
    2 Posts
    503 Views
    johnpozJ

    Is this x.x.186 network public - why are you obfuscating it?

    Please draw your network. Saying you have network A and network B doesn't tell us how you have it connected together.  Any router connected to another router should have a transit network, or more likely than not you're going to have asymmetrical routing unless doing host routing on each device in what is the transit network.

  • Multi WAN Multi VLAN set up Internet working but ping not responding

    3
    0 Votes
    3 Posts
    565 Views
    S
    I have created Multi-Wan Gateway in pfsense

    Wan-1+Wan-2+Wan-3+Wan-4 = Multi-Wan default Gateway

    Then Vlans are created and assigned to the LAN interface

    -> Rules are created in each vlans as protocol ->  to destination ->any

    The same VLANs are created in an L3 switch and a trunk is configured to provide access to all the VLANs. All the VLANs are routed to the pfSense firewall.

    * The IP name server is the x.x.x.x(pfsense ip address) and the secondary dns is

    Now internet is working in all the VLANs, and I am able to access the pfSense firewall via browser from all the VLANs. But there is no ICMP reply for the ping. No ping to firewall or any other sites. I am unable to download any package via wget. Please help me out with this problem.

  • Unable to make routing(gateway) between interfaces.

    1
    0 Votes
    1 Posts
    258 Views
    No one has replied
  • 0 Votes
    1 Posts
    329 Views
    No one has replied
  • How to failover _quickly_?

    1
    0 Votes
    1 Posts
    332 Views
    No one has replied
  • 2 WAN, 1 LAN - IPTV

    2
    0 Votes
    2 Posts
    547 Views
    R

    Yes, best would be separate VLANs.

    I think you also need to set up static routes on the pfSense box to route IPTV traffic to the separate interface. And default gateway to the internet interface.

  • Second LAN connection has no internet access

    5
    0 Votes
    5 Posts
    1k Views
    DerelictD

    At least use hybrid if you need something special. Only place manual really makes sense is HA. And even then it's easier to leave it on auto until all the interfaces are defined then switch to manual.

  • 0 Votes
    1 Posts
    317 Views
    No one has replied
  • Two gateways, how to route?

    4
    0 Votes
    4 Posts
    835 Views
    P

    Like I said, it's just hypothetical, trying to understand some things.

    I usually build networks with only 1 router, and let the physical devices like switches, ap's and such be in a backbone network (vlan1) while the devices and clients are on other vlans. But what if I want to offload a modest router that is being used for some high throughput backups for example, by adding a second router just for that purpose.

    I guess transfer network would be a solution, yes. Will consider that in my scenario. Thanks!

  • Zabbix proxy to route via a specific gateway

    4
    0 Votes
    4 Posts
    426 Views
    R

    Ok found my solution,

    Go to the bottom and click on the advanced options

    There add the following

    SourceIP=X.X.X.X

    AND THEN SAVE

    The X.X.X.X should be the IP address of the gateway via which you want the traffic to go out

    Hope this helps someone.

    Rajbps

  • 0 Votes
    2 Posts
    351 Views
    DerelictD

    You might ask them to put that list on their webserver in a plain-text format. That way you could just periodically update a URL type alias from their site.

    Absent that, yes, you will probably need to keep the alias updated yourself.

  • MultiNetting the LAN interface?

    2
    0 Votes
    2 Posts
    596 Views
    DerelictD

    That sounds completely convoluted but you don't control NAT sourced from a specific network on rules on that network. You control them with Outbound NAT.

    The easiest way is to probably enable Hybrid mode then make a NO NAT rule for the public source addresses on that WAN address.

    There is no such thing as 'classic Multinet.' Putting two layer 3 networks on one layer 2 is something that should only be used to do something like transition to new addressing. It should not be used as a permanent solution to anything.

  • Policy routing troubles

    1
    0 Votes
    1 Posts
    405 Views
    No one has replied
  • 0 Votes
    11 Posts
    14k Views
    S

    OK, I found the AS numbers for Xfinity live TV

    AS7922

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.