And whenever I ask my friend to uncheck the ( route all traffic through the tunnel ) check box, I then can access again the webUI and I could get an internet connection, problem is , I'm not being routed through the wan interface of pfsense.Although when I use the office separated internet I'm being routed out to the wan address and thus getting its IP when checking in Who.is

@jimp: That link is for load balancing servers behind pfSense – meaning one external IP address, multiple servers behind the firewall. What you want uses multiple WANs/external addresses. In that case, the balancing would have to be done via DNS RR type records or some other means (external load balancer, BGP, etc) Thanks what I must do when I want test load balance work good ? How I test Load Balance ?

At the moment, not likely. The L2TP system isn't meant to be used as a site-to-site style VPN. There isn't a way to add a route that would actually point to the proper L2TP server interface since the client could connect to any of them.

Hi sir, I have connection in the internet now, thanks for your replies and help, my problem was on the NAT configuration, Its a bit misconfig. haha thanks  again sir ! :)

In the meantime I fixed this issue. I had to set up NAT for the OpenVPN interface. In case anybody experiences the same issue: I used the latter description in this guide: https://chubbable.com/setup-pfsense-as-openvpn-client Have a nice weekend!

So I just replaced the IPSec connection I had for IPSec over the Internet with IP on site 1 10.1.1.1/34 and site 2 10.1.1.2/24 then selected the dedicated interface for it and all tunnels came up. This is in my test environment. Now I will try to do what you said by using a vlan. Both pfsense boxes have 2 NICS WAN and LAN. LAN has 4 Vlans 10,20,30,40,50. Do you think I should use its own dedicated interface for this site to site link. I agree with 100% on the gig link that it is for the whole site to site link. Not per vlan. That's only common sense lol.

I will try to change and reconfig my network and I will try again with pfsense. Thanks to all! :)

ok…made it work 2x LAGG's under the same bridge keeping the same subnet for all :) god bless flexibility :)))

UPDATE: So everything went amazing but Whats odd all i needed to do was to add the virtual IP thats all and NAT normally as i would. Thank you again

interfaces–>assign-->vlan

After suggestions from pf2.0nyc and cmb,  I have upgraded to 2.3-Release, and failover is working as I need it to.  I even got lucky, and this morning the problem WAN failed, so everything is actually going out on the default WAN! One addition of pf2.0nyc's posting.  If you use Dynamic DNS,  you may want to change the gateway it connects to.  Connecting to a dead WAN isn't as useful as connecting to your new Gateway Group. Attn pf2.0nyc:  Unfortunately,  my testing isn't likely to help you any.  In my situation,  I'm trying to fail over one WAN to another (default) WAN.    Because the default WAN doesn't need to change,  I can't add any useful information to your problem.  My only suggestion would be to upgrade to 2.3-Release, and see if that changes anything.  Thank you again for your detailed forum posting. Final Update…I had the Wizard create my first network configuration.  It created two interfaces, where there is only one.  The first interface is 'name' and the second interface is 'name-DHCP'.  While 'name' is my default WAN,  it doesn't work as a failover interface.  The second failover interface has to be 'name-DHCP'.    I can't explain it, but it works this way, and didn't work when I selected the default WAN as the second failover interface.

As per CMB's reply,  the upgrade to 2.3-Release has solved the problem. Thank you very much CMB!

closing this as I realised it's my lack of knowledge causing the issues. Seem lan one is is someone diverting back through it's own interface and ignoring the proxy.

Hi all, I just solved my own problem  ;D, It just simple thing that I miss look which is static route. I set my wan interface as default gateway then I add new static route for my juniper e0/2 interface from gateway LAN 1. now I able to ping from both end

@PF64: I get quite a few: send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 10…. Triggering coincides with your ISP lease-renewal ? That's what I see at my place (via PPPoE). Dpinger 2.3.