Hmm ok yes I was able to log dpinger triggering rc.gateway_alarm during WAN UP events as well but it wasn't consistent.  I believe as Denny said, sometimes other processes or scripts are killing dpinger and restarting it and thus it doesn't trigger the call to rc.gateway_alarm. I haven't had a chance to review the code in your PR but I will look at it.

I know Renato wants to do things "right" - of course that is always best but sometimes when the SHTF you gotta do what you gotta do.

Bumping this one more time. Any ideeas?

Hi @Skid,

This kind of setup really requires a good understanding of VLANs, how they work and how to configure them.  I get the impression you are not so familiar?  Go online, read up on access ports and trunk ports, tagged and untagged, VLAN IDs - different vendors vary the terminology a bit but it's all the same stuff!

I've just returned from doing a temporary event with a very similar setup - only five ADSL connections on the WAN side but they were dotted all over site and had to pass through multiple switches to get to the router (a pfsense VM on a DL380).

You need to define a few bits first:
1. Assign a VLAN ID to each WAN (eg. 51, 52 … 60).
2. Create untagged (access) ports on the cisco switch which connect to each modem.
3. Create a trunk (tagged) port on the cisco switch which passes all those VLAN IDs (ie. 51..60).  Connect that port to you r pfsense router and configure each VLAN on it's own interface in pfsense.
4. Don't use DHCP of PPPoE on the WAN connections, I had major issues doing it this way when a connection went offline.  Configure them all in their own subnets as you describe and set a static IP address for each WAN interface in pfsense.
5. Configure load balancing / traffic shaping in the pfsense router.

You also need to create and configure a LAN connection - ideally via a physically separate network port but this could be a VLAN too, of course you'll need a suitably sized subnet and DHCP scope to cope with the number of users.

What's your location?  I might be happy to help you with this.

@KOM:

I don't have a multi-WAN configuration but these might get you started:

https://doc.pfsense.org/index.php/Multi-WAN

https://doc.pfsense.org/index.php/Gateway_Settings

Thanks
but right now my problem is config wireless lan wan card
I do not know how I should config it

Thank you for this information I will change my configuration and get a core switch. The reason I bridged the interfaces is so that the switches could utilize some of the additional bandwidth. I currently only have 10/100 switches and thought that if I bridged the interfaces which are gigabit I could better utilize the bandwidth, but now I understand that I was in that thought process.

Thank you for pointing me in the correct direction.

Error 55 ENOBUFS: No buffer space available.  An operation on a socket or pipe was not performed because the system lacked sufficient buffer space or because a queue was full.

https://doc.pfsense.org/index.php/No_buffer_space_available

Your not showing it as a site to site..

First the NAS connected to RA server but as I mentioned it was advised to add a StS because also have road warriors connecting to RA.
So I added a StS and just modified/copied the client config to NAS and it connected.

Sure you could bring up a tunnel on pfsense, and have another IP on pfsense and have traffice that goes to its lan IP 2 go down the tunnel and traffic that hits is IP 1 not go down the tunnel. Then you could route on your PC.

Thanks for that, that sounds like what I need.

Then it would also be possible to add another VLAN that uses OpenVPN as GW and then exit at NAS to www?
Then on PC switch between those VLAN`s.
Hmm… that way more machines could use it and maybe is easier to manage?
Would it then be better to add an RA server instead of StS?

Okay…just did that...but where do I put those lines the install process is asking?

Why would your proxy be down??  If your proxy is down then internet should be down.  I assume your proxy does filtering, etc.  So if you just send traffic out the internet with no filtering you have no protection users surfing porn vs working, etc. etc..  Its madhouse I tell you a madhouse ;)

If you don't want internet to go down then setup your proxies in HA, etc.

I think you are on to something.  I checked the Hangout video for MultiWAN that explained it.  Thanks for steering me in the right direction. :-)

//Danne

@kennsington:

Just from your description it sounds like you have the gateways and groups setup correctly.

Have you actually directed traffic to your gateway groups? You would do that in Firewall > Rules. Create a rule on LAN that Originates with LAN Net and is destined for anything. Change the gateway to your gateway group.
Take a look at step 5: http://www.tecmint.com/how-to-setup-failover-and-load-balancing-in-pfsense/2/

There is an option in the settings to automatically change the default gateway, but that's not necessary when using gateway groups.

The core issue appears to be a defect inside AT&T's cellular network. I have an MiFi which I pulled out to test, and I see the issue as well. I tested an iPhone hotspot on AT&T and it shows the same problem with both LTE and 4G. The smallest data payload acceptable is 20 bytes. I would report the defect to AT&T, but I don't know anyone inside.

I'd also like to know if the issue exists in Verizon's network, but I don't have a Verizon phone to test with. If someone does, and would like to test, I'd appreciate it. No need to hook the device up to pfSense, you can test from your laptop. Just connect to the hotspot and try to ping.

Example commands (for a Mac):

ping -s 0 8.8.8.8
  ping -s 16 8.8.8.8
  ping -s 20 8.8.8.8
  ping -s 56 8.8.8.8

Thanks.

Yes dude source nat it..

How does your client behind R2 know its wan is down.. So its always going to send traffic to its own gateway..

How exactly are you port forwarding via router R2 wan to something behind R1 anyway..  Some sort of failover dns on the internet?  How does client on the internet know to go to r2 wan if R1 is down or not down?

Draw up your network please..

@jahonix:

@marcvb:

… i do not have to use lan rules ...

As johnpoz already mentioned: it depends on what the hosts on your public subnet are supposed to do.
A mail server surely would need outgoing rules if you want to send mail, some Windows servers would like to contact update servers quite frequently, …

Thank you both i understand it now.
My virtual demo servers and pfsense are working, installed a speedtest mini within iis and traffic shaping is also working.

This is much better than our GTA firewall www.gta.com

Awesome. Thanks for the clarification, I was having the exact same problem, until I looked at the documents

Forwarding mode is necessary for Multi-WAN configurations unless default gateway switching is enabled.