sounds like a combo of port forwarding and manual outbound NAT. Setup IP Alias,CARP, or ProxyARP VIP for each that you are going to use. Setup portforwards to forward the traffic into the correct server. Then test to make sure that works. Once that is working, then go to outbound NAT. Switch it to manual. At the top (since it works top down) add each server with any port as the source with destination any. Set the NAT Address to the corresponding VIP.

Once you assign the VPN interface – Interfaces  > (assign), add the interface, then enable it with an IP type of 'none' and restart that VPN instance -- you'll get a gateway entry automatically. Once you have the gateway entry, you can craft a firewall rule to catch the traffic from the IP you want and force it to use that VPN gateway. You will have to make sure that NAT will apply to that traffic, either locally as it leaves the VPN interface, or remotely at the other side of the VPN, or it won't make it out to the Internet.

With NAT disabled, the upstream router needs to have a static route on it that points the LAN subnet back to the WAN address of the firewall. Otherwise you'd need a bridged setup, not a routed setup.

Hello dear PFSENSE Forum The Problem was not Pfsense and Loadbalancing issue. It was that the Managed Switch by the technical instance was 100mbit/s… Not the give me today a new Line in my House... Now is working with 150mbit/s... Thank you all for your help... Divotion

No one has any thoughts on this?

Turns out that: It is not hard, and I did know what I was doing the ports had not been configured correctly or there was some patching issue. Sigh, so many wasted hours :) Thanks anyway

try in this step http://forum.pfsense.org/index.php/topic,60977.0.html

In cases such as this, I always start with the firewall logs (Status > System Logs > Firewall) tab. IF you haven't setup any rules yet the traffic is probably getting blocked. If this is the case, you will want to visit the rules (Firewall > Rules) and add rules which all traffic out of the different LAN interfaces.

What virtual platform are you using? Vmware, VirtualBox, Hyper-v? It sounds like you don't want your pfsense box to be behind the host computer. If this is the case you will need to go into the networking configuration of your virtual environment and bridge the pfsense WAN interface to the physical hosts external interface. You will then want to create another virtual switch/network and connect the pfsense LAN interface to that. Anything you connect to the new virtual network will be behind the pfsense firewall.

I have to agree, if set to DHCP, it should be able to pull an IP address. I would think that perhaps the nic/cable/switch port might have something wrong with it. Traffic is probably getting to WAN2, but because of its issue will not get any farther.  If you can start with the easiest, change ports, then change cable, and then change the NIC out.

Sorry, it works for IPV4, don't use IPV6 yet. But you may want to check on your other routers in the network. TCP:SA is usually a valid block and you may be doing some criss-cross routing. (It's healthy to know where your packets go  :) )

Anyone ? We still have this problem also after having upgraded to 2.0.3 release.

It still is not multi-wan capable, even on 2.1. It will go via the WAN/default gateway no matter what you try, since we assume the WAN interface as external. If we offer an external interface choice it will still only work on one WAN, but you'd get to choose which WAN that is. Though I suspect it would still only really work on the WAN containing the default gateway. It's not a quick/easy fix or we'd have done it by now.

Thanks for the reply! Where can I look to figure out how to put in a "ifconfig de0 up" statement?  I am pretty new to FreeBSD.

That TIER setup, will cause WANA to be used all the time except when it's down, then WANB will be used until it's down too, then WANC and then WAND. If you're seeing only WAND used most likely you don't have the routing group as the gateway for your outbound firewall rules which is required for it to work.

Fantastic! I'll be paying up in a few minutes then.

Well, that's a good question  :) I found another (hopefully more reliable) machine that I intended to use as my main - and only - firewall in the future. For now, I just wanted to get it installed and hopefully test some of the cool stuff with pfsense that I wouldn't want to do on my production firewall. So I thought I'd run my own little testing system and maybe put a few select users on it but I also wanted to be able to access printers etc. behind the main firewall. That's why I'm doing this.