@jimp: At the moment we don't have a good solution for that. You could try your hand with OpenOSPF, but it has some quirks. Quagga does support BGP but we don't have a GUI for it yet. I had problems with OpenBGPd + Quagga in combination when they both try to route public IPs/areas ( I hoped that OSPF could manage our AS "internally" and BGP does the public connections)… They changed "foreign" routes each other and so they provoked crashes of the other service each. So best is to use them in non conflitctable networks... e.g. we use BGPd for public IPs and OSPF for internal networks only (192.168.x.x).

OK I removed the gateway from the VOIP network, and it's routing just fine now, thanks.  ;D

You can't do that with CARP. You need both WANs on both units if you want to use CARP. If they are actually isolated on the LANs and don't do CARP, then using a dummy interface between them may work fine if they both treat it as a WAN and have appropriate NAT.

I sent the isp an email asking them this. Let us know what you find out from them. I'm tempted to try RouterOS. They told me this: The issue with your MLPPP setup was due to an upgrade we made in our system. We copied the existing running config, and it appears that with the upgrade, additional changes had to be made. The reason that your connection was not working when your second modem was active was due to both of them attempting to run as individual circuits and not being bonded. The next time either of your circuits drop, the MLPPP bundle should disable and the circuit single circuit should still work and depending on how your router functions, no changes should be needed. I will try disconnecting one line myself and seeing what happens later.

For those interested, I figured out a workaround to my issue… I added the following to the end of /usr/local/sbin/vpn-linkup... route add -net 192.168.1.0/24 192.168.13.253 It's a hacky way to do it, but it adds the route when the pptp connection is established.

That means it's not plugged into anything, or not plugged in with the right kind of cable (xover or not), or bad cable. Doesn't have link.

I think letter "a" is the answer. Basically what im trying to do is Im trying to access an AP(10.0.0.91) in my LAN2 Subnet (10.0.0.1/24) from my LAN Subnet (192.168.0.1). I configured a firewall rule in may LAN2; Action: Pass Interface: LAN2 Protocol: ANY Source: 10.0.0.91 Destination: 192.168.0.3 Other Options: default. But Still I cant access its web configuration. Help PLease

That is interesting, since my setup is the same, and that sounds kind of like what I have going on. What I just can't square with that, though, is that just flip-flopping the monitor IP (which also restarts apinger) resolves the issue. I do find some of the log entries upon changing the monitor IP interesting (10.x.x.x is cable gateway, 96.x.x.x is cable upstream router, 192.168.x.x is wireless gateway, 71.x.x.x is wireless upstream router): Jun 5 14:35:23 check_reload_status: Syncing firewall Jun 5 14:35:24 php: /system_gateways.php: ROUTING: setting default route to 10.x.x.x Jun 5 14:35:24 php: /system_gateways.php: Removing static route for monitor 96.x.x.x and adding a new route through 10.x.x.x Jun 5 14:35:24 php: /system_gateways.php: Removing static route for monitor 71.x.x.x and adding a new route through 192.168.x.x Jun 5 14:35:24 apinger: Exiting on signal 15. I'm going to do some searching on that and see what I can come up with.

If it's using mDNS, and I'm not sure if PLEX does, you'd need to use something like avahi.  I'm using it now for mDNS on two physically separate LANs and it seems to work as expected.

In your first drawing you had 192.168.11.0/24 addresses on the links to both gateways. So I guessed that you did not have this setup already. When yyou say: don't want to change something I'm not supposed to it makes me think you have a production network running at the moment, with some version of connections close to what is in the drawing. If that is the case, then you are going to need to find some "late night" down time and make sure to backup all config before changing/testing. From my head, the process is: Set LAN address to 192.168.11.26/24 Set WAN address to 192.168.111.27/24 and add a gateway to 192.168.111.250 - it will be the default gateway "by default":) Assign OPT1 to the NIC for the backup link, give it 192.168.211.28/24 and add a gateway to 192.168.211.254 Edit each gateway, specify an alternate monitor IP that is on the real internet and responds to ping  (e.g. 8.8.8.8 and 8.8.4.4) - it is no good monitoring just the 192.168.n.n gateway addresses, they are likely to be up all the time. Add an alias that includes all the private networks you are using. The easy way is to make an alias "Private192" for 192.168.0.0/16 Add a Gateway Group "MPLSpriority" - make WANGW tier 1, OPT1GW tier 2. Add a rule on LAN, before the allow all rule, that says: source LANnet destination not Private192, gateway MPLSpriority (the gateway for a rule is in the advanced section of the Firewall Rule Edit GUI page) What have I forgotten?

Ok, so am I understanding that you are dumping 5-6 separate networks into one (non-vlan'd) switch? If so, what would motivate you to something like that? The noise you hear is Dave Sincoskie spinning in his grave.

@niebla: Take a look at your DNS Settings. Are you suing the forwarder? Does the proxy have any DNS entries? If so try removing them. Yes, I use DNS forwarder of PfSense, but none configurationa about DNS is dove on proxy server…

Yes, they are using pfSense as DNS server. Ok, thanks again. I'll give it a try!

I think the problem can be PROXY ARP. On the Cisco ASA is proxy arp enabled. How is possible enable or check if proxy arp is working on pfsense?

It will send the DDNS update on whichever interface you configure it to happen. On 2.1 you can select a failover gateway group (one gateway per tier) as the 'interface' for DynDNS so it will send whichever WAN is both up and preferred (e.g. WAN, but if WAN goes down, WAN2, etc)

I am well aware of the fact that I can do all of that with one router. There is a reason why I need to use the two of them. It should not be that complex. I have actually already done this test project with one pfsense router and a Apple router and it worked fine. I borrowed the Apple router from a friend to see if it would work and it did. All I needed to do was change the static IP on the Apple router on the WAN port and connect it to the LAN port of the pfsense router and it worked fine.