On your WAN interface, make sure "block private networks" is not checked. Other than that, it sounds like it may be Windows firewall at fault. Disable the firewall on your desktop machine and test again.

You do this on the Firewall -> rules section of the Pfsense GUI. In there you have to set up the rules accordingly. Be sure to put those rules were they belong, meaning WAN rules go on the WAN section, WAN2 in WAN2 so on… Whenever you are setting up the rules there is a section called "Destination Port Range", there you input blocked ports! The inverse of that rule will allow you to do what you want to do on WAN1. here is a handy tutorial: https://doc.pfsense.org/index.php/Firewall_Rule_Basics Hope it helps!

by implementing security by obscurity one usually ends up with holes in his/her feet

@heper: -Is there firewalling-software running on the clients? I bet this is the issue. By default, the Windows firewall allows ICMP only from within its own subnet

If it was working before and you are positive no changes have been made, there would be no reason for it not to work now aside from hardware failure. Change switch ports or perhaps try a different NIC in the FW. Also could try the cable first.

Ok so looks like I solved the Mystery. It has to do with the Firewall but more so the PABX actually giving up getting communications going between A + B. The Panasonic is sending an request on an RTCP and getting no response. So like any good system it sends a goodbye command and hangs up. Luckily there's an option to disable this ability. Turned it off and walla it works a treat.

Hi Luis I dont understand your configuration. It's something like this? LAN (192.168.0.0 /24) <-> (IP LAN?) PFSENSE ()                                     /                                     > 192.168.0.16 JUNIPER <-> 10.162.4.0 If its something like this, why you use pfsense?, only add a route at clients that 10.162.4.0 use 192.168.0.16 (its in the same network). Or using pfsense you could try using a static route under SYSTEM/ROUTING/ROUTES and add 10.162.4.0/24 via 192.1680.16/32 (juniperGW) if doesnt work verify your LAN RULES an check this option under "advanced/firewal -nat" X Static route filtering Bypass firewall rules for traffic on the same interface This option only applies if you have defined one or more static routes. If it is enabled, traffic that enters and leaves through the same interface will not be checked by the firewall. This may be desirable in some situations where multiple subnets are connected to the same interface. Luck

I did followed the instruction property but did not work so I tried different way (also sorry if i took snapshot when I tried that different way), found out that my firewall pfsense set to https for security reason so switched to http and reboot pfsense and after that it work so i switched back to https and all go okay now…. must be a little bug or server pfsense didnt reboot for more than 2 weeks Thanks and cheers

may this helps , mu question is : wts the differnece between  "default" and "0.0.0.0/1" in the routing table below ??? Internet: Destination        Gateway            Flags    Refs      Use  Netif Expire 0.0.0.0/1          10.4.14.65        UGS        0    5929 ovpnc2 => default            176.58.64.1        UGS        0    4197    le1 ============================================================ regards

I use google DNS for the Monitor ip. It should be "out enough"  :) Still doesn't work. Every time i get a new IP, the interface is marked as offline, but it isn't.

Anyone? :o

Well, the Sales Rep lied or didn't know what the crap they were talking about.. The Sony Redbacks in my area do not support MLPPP.. So I can going to just try to load balance them..

Rules 2 and 4 are never fired.  In general, pfSense rules apply to traffic coming IN (received by) an interface.  Unless you've got a very, very strange config, LAN1 will never see traffic coming into it with a LAN2-subnet source address.  Nor will LAN2 ever see traffic coming into it from a LAN1-subnet source address. They won't hurt anything but they're unnecessary and add clutter to the ruleset.

https://forum.pfsense.org/index.php?topic=69588.msg380413#msg380413    Ive got several of these (openvpn) links working into my primary box. Works very well.  :) Looks to me that at your home office your em1 and em2 interfaces need to be bridged.  Then into the remote side with a 10.0.0.0/24 address on a WAN port. I also believe that MPLS needs VLAN tagging but there again I could be wrong.

That would be the ideal solution. The service area is approx. 25 acres. I would need to add a whole new seperate network to connect everything.