Thank you! It works.

@johnpoz: Derelict – I said the same freaking thing before him ;) "If the boxes are pointing to pfsense as their gateway" My bad that I let the technician configured the boxes and did not check them thoroughly as the location of the boxes are too far apart from the control room … SORRY!

Hey Phatsa, Did you figure out the configuration? We would like to do something similar – slightly different reason. We want to have two companies on one ISP connection and one pfSense box that will do traffic shaping.

Since your WAN interface is in a private network range, check if you have deactivated the "Block private networks" option in the WAN interface settings?

Thank's a lot! Your advice has resolved my problem.

" Hardly "moronic" to want to avoid that." Sorry but yeah… If you want HA then setup carp.. With you using each dept with their own ISP.. They all still have a single point of failure.. Your not leveraging the different connections for any sort of failover or ha setup.. You currently are using CARP with HA setup..  What the OP is asking for is stupid.. doesn't even have a smart switch, etc.

Turns out everything was working. The other side detected multiple connections from the same account and did not like it.

You may route this on pfSense to the client 10.10.10.80, but this route will be applied to any connection passing pfSense, also upstream from LAN hosts. In addition if 10.10.10.80 isn't a router itself with a public WAN address you either will need a route for 10.10.10.22 at the other side or do source NAT at the client for this connection.

"I pay for a 150mbps connection but only get 30-50mbps" So your saying wired to the powerline adapters you only see 50mbps.. But if wired to pfsense directly or with normal switch you see your full bandwidth?  Or when connected to the modem you see full but pfsense is downstream of your modem via powerline?  Can you draw up the constraints your working with..  Why exactly can you not run a wire from the modem to the rest of your network?  What powerline adapters are you currently using.. They are not all created equal that is for sure.. "buy a new wireless USB" Usb is just going to be crap.. I wouldn't even consider this as an option.. "use LAGG or some other combination of wireless and wired to combine the interfaces for speed" Not sure where you get the idea that lagg will give you more speed?  1+1 = 1+1 it does not = 2 in lagg.. So while you could load share across the lag.  A single client is not going to see any sort of speed increase.

here is what rule i have for the Opt1 its named wireless AP [image: 1.png] [image: 1.png_thumb]

Noted. Best regards Kostas

^ true anyone wanting to bridge interfaces to be on the same layer 2.. Only needs a dumb switch to take on that role.

Thanks for the reply, but as a matter of fact it was an routing issue, i had client overide and add the routes manually so each can ping each other, best part of all did not have to read books https://forum.pfsense.org/index.php?topic=127455.msg705357#msg705357

So apparently patience is the key here with this.  For some reason that I haven't been able to pin down.  Both VPN links are now up and running.  So um yeah.