Hello, I'm really sorry, I did not do it on purpose. Thank you very much for your help. I will process the configuration vlans. I will bring you back as soon as possible. Thank you again.

I understand a lot more to tell other people.

Hi, Try to add static route in pfsense for the other subnet, so that pfsense knows to route traffic as reply to those concern subnet. Regards,

@Derelict: I still wouldn't use VLAN 1, but it's your network. Unfortunately, we have too many moving pieces for me to change that too. We have some expansion plans in the works which will provide me an exact copy of my existing infrastructure and when we configure that, I will take your advice.

Creating the VLAN is not enough. You need to go to Interfaces > (assign) and assign OPT1 to VLAN 10 on igb1 if you want the OPT1 interface to hit your switch tagged with VLAN 10.

@thermo: Add a dns override  to return the local ip when on your internal lan So Bodam.Com would resolve to 192.168.X. X That's what I did.  This was one of those instances where it occurred to me 10 minutes after posting this.

Yes.  Assign a /30 to the WAN, route a /24 to it, and dole out smaller subnets from a /24 on your various LAN interfaces/VLANs/whatever.

PFSense doesn't have a way to tell two connections apart to distinguish which is upload or download (By the time it starts uploading or downloading, it has already had to make a decision about which connection to use). So unless you have a way to distinguish these two for it (IE, this specific IP address is always upload), it isn't possible. I'm not saying you can't load balance –-- You just can't load balance like that.

hello Everybody is there anyone to help with explanation about multiwan with squid 3.4 non transparent (working with wpad) many thanks

I don't know about your problem specifically, but you really need to get rid of that Allow All (aka Default WAN pass rules) rule on WAN.  Firewall rules are processed on what is coming INTO an interface, not what is going out.

I know this is a bit off topic, but have you considered switching to a wireless solution for your backhaul? If you have a provider that has faster connections but doesn't service your address, you can get service at an address they DO cover and shoot a point-to-point connection from there to the hotel. Ubiquiti has some great, cost-effective solutions for doing that, and the range is up to about 13+ km. I only suggest this because it might be cheaper than having 5 lines of data service and it would get rid of your need to deal with the MultiWAN issue. Scott

Hi, Understood. I have set this up inside Load Balancer - in terms of the Pool, and the Virtual Server. I didn't create (manually) any firewall rules - but I just went in and checked, and you are right … thanks for poking! It looks like Load Balance (prior to v2.2.2) set this up, but not now - so I went in and manually added and entry. And now it works! Thanks very much!

@mattig89ch: How does one create that rule?  Heck, where does one create that rule? I posted a screen shot.  It's a firewall rule.

Thanks!  That described my scenario exactly.

I have a Core 2 Duo E7400 right now which hits ~50% @ 1GBs. Might upgrade to a Core 2 Quad if I can't manage to drop spike to an acceptable level ( ~30%).

I saw the title and knew id be getting a laugh out of this post.