All right! Thanks guys.
I guess I have some work to do.

I found the issues. I had to create a firewall rule to router the traffic using the default gateway, and not the (Failover) Gateway Group!

Well all works now, changing the cables to the correct interface… thanks

Excellent thank you for the reply I will give it a go in the morning.

Kind regards,

jB  8)

Thanks for the help both of you, I'm beginning to get an understanding for how it all needs to be setup now.
The DHCP errors have stopped and I'm now using a switch.

Twas a late night last night, fresh eyes this morning and all that.

Im open to step by step instructions :D

Shouldn't be a problem getting full routes in OpenBGP on your hardware. Make sure you are only advertising what you need to (generally self)

Hi All,

A quick update for anybody pondering the same issues. The configuration described above works beautifully, with one minor drawback(or major, depends on your point):

You CANNOT test it from the pfsense itself (meaning you cannot use /Diagnostics/Ping and use one of the LAN IP addresses as source). The second(or third) interface for which Policy Based Routing is necessary will fail to ping to the outside(via WAN2). It appears PBR works for traffic which does not originate from the device doing the PBR (in this case pfsense). This is especially annoying when you do not have physical access to a device on the LAN networks.

So if your ping tests from the pfsense fail, do not worry and test from a device in the particular network you are PBR-ing.

Hopefully this helps other people.

edit: No restart was needed. :)

@Derelict:

https://forum.pfsense.org/index.php?topic=111108.0

Oh crap. Sorry, need more sleep :)
Should you add this to the topic you linked? Or just remove topic.

ipadress sharename worked. good enough for me. cheers

In that case I would not use the built-in DNS forwarder. I would put a DNS server on LAN and use that so it could be properly policy routed.

@heper:

remove all the rules on the openvpn tab / only put rules in the openvpn-interface tab

Thank you very much!
It works!
Bye!

So it has been almost a week and no response at all. This is not good…..
I also asked PfSense support to react to this issue, because we want to know if this is a show stopper. If this problem isn't resolved, we will look in to another product. We hope somebody can clarify the problem and hopefully there is a solution.

I think, possibly, the problem was arising from an error in my VLAN configuration.  Thank you for encouraging me to examine my network in more detail.  In the end, I don't think it was a problem with the routes themselves, but rather with an error on my switch with the VLANs.

I'm not 100% sure yet, but everything is working for now and I will see how it goes.

Create a gateway for 192.168.100.3. This should be created on the interface used to reach that gateway.

Add static routes for all of those to that gateway

This is all done in System > Routing

@fenichelar:

Why? I have 4 NICs on my router, I only use 2.

Because those are router ports. Not switch ports. But do what you're going to do. Can only suggest here.