Try blocking broadcast traffic as well, for the IP subnet of the LAN subnet. If your LAN is 192.168.1.0/24, add a rule blocking anything to destination 192.168.1.255 on LAN. Don't think that would be it but it's worth a shot

First in Firewall/Virtual IPs you need to define your additional IP addresses. Use these settings for each additional IP: Type: IP Alias Interface: WAN IP Address(es): xxx.xxx.xxx.xxx/32 (your additional static IP) Then go to Firewall/NAT/Outbound and select Manual Outbound and click on "Save". Then add rules for each LAN with these settings: Interface: WAN Protocol: any Source: Network, address: 192.168.20.0/24 Destination: Type: any Translation: Address: –> Interface Address Interface: WAN Protocol: any Source: Network, address: 192.168.30.0/24 Destination: Type: any Translation: Address: --> Select virtual IP with your static IP Then test from LAN 192.168.20.0 and 192.168.30.0 with http://checkip.org Do not forget to add rules in LAN1 and LAN2 to disable traffic from LAN1 to LAN2 and from LAN2 to LAN1.

@enavaro: Especially ticking the System –- Advanced ---- Firewall/NAT ---- Disable all packet filtering. Check my last post - don't do that, just disable NAT. No need to have a separate firewall.

I've seen that same described issue several times. Every time because of seriously screwing up a subnet mask, like putting a /1 mask on an interface, so the system thinks a gigantic chunk of the Internet should be locally reachable. Obviously that breaks things. There's no magic in the setup wizard. It's not possible to go through it and end up with the same config at the end and have it magically fix things.

A couple of opinions: -Stick with only the 4/4mb connection and use QoS to prioritize the game. or -go by ip, figure out the i's of everyone playing the specific game and then have those  go through the 4/4 connection, and the rest through the other one, this should be doable with firewall rules.

Yes. Create manually additional gateways pointing to your different modems. Afterwards make a group with your gateways and use this group in a firewall rule. Make sure you define different gateways for different DNS servers (under general setup). If you google for pfSense multiwan you'll find guides describing how to set this up.

Hi, I have noticed a problem with states table. I have an IP handset phone on my lan. It tries to connect to a external SIP server but it fails. In the state summary, I found : 192.168.0.69:5060 -> A.A.A.A:24725 -> 91.121.129.20:5060 with A.A.A.A is the WAN public IP. The problem is that this WAN IP is no more used by pfSense. It is an obsolete IP address. I should find : 192.168.0.69:5060 -> B.B.B.B:24725 -> 91.121.129.20:5060 with B.B.B.B the current WAN IP address. Once I have cleared all states with 192.168.0.69, the handset could connect to SIP server and work. Regards. Éric

Hey Jimp: Thank you for your response. i appreciate the feedback.  I'll hold off for the 2.2 update and be sure to check it out.

i don't know the exact details but i guess you should assign a VIP (the .226 ) to your LAN interface. then disable NAT for the cidr range but keep it enabled for the 10.0.0.x range ? see: http://doc.pfsense.org/index.php/How_can_I_use_public_IP%27s_on_the_LAN%3F also: don't try this on a production system … i have no clue if what i'm saying is correct

sebastiannielsens solution is the only one without using PPPoE.

Ah, thank you, so this is why I wasn't getting my notifications.  I've setup a cron job in the meantime to clear notices_lastmsg.txt every 5 minutes.  Just a temporary solution, but working fine for me.

short anwer: no long answer: -its impossible to use multiple interfaces with the same gateway address (pppoe is an exception)  <– this rules out a solution with vlan's -its also not possible to lease 2 ip's on the same interface with dhcp-client as far as i know. the only thing you could do is: modem----pfsense---LAN     |            | dlink/linksys-- Then you could portforward all ports from dlink/linksys to a secondary WAN interface on pfsense

Solution for multi-wan routing with same gateway from ISP Symptoms:  Only one (or maybe two) modems out of four would work because of the ISP giving out the same gateway IP.  (Turns out it can be caused also from two gateways on the same subnet.) Solution below: Ok, I opted for option 3…bought three Linksys WRT54GL series routers... http://www.amazon.com/Cisco-Linksys-WRT54GL-Wireless-G-Broadband-Compatible/dp/B000BTL0OA?pf_rd_mnb=ATVPDKIKX0D34&pf_rd_stb=center-2&pf_rd_rat=0817NMRY4ZRQZM6P18TH&pf_rd_t3r=101&pf_rd_ptd=470938631&pf_rd_ied=507846&tag=buaazs-20&pf_rd_ptd=470938631&pf_rd_ied= upgraded to current DD-WRT firmware (first with basic upgrade then with full package upgrade) then set WAN (default gateway on pfsense) to normal without router. then configured WAN2 on Router1 to be 192.168.0.1 then configured WAN3 on Router2 to be 192.168.1.1 then configured WAN4 on Router3 to be 192.168.2.1 later I setup with OPENDNS,NOIP, and set port fwds with anything I need to have come in. My network was 172.17.17.1 network. From my network I can acccess each modem and configure as needed. KEY is that if you set each modem to 192.168.1.1 and 1.2, and 1.3 you will get the same errors.  They need to be on separate subnets and then things are peachy.  It is not an IT dream solution but it actually is working pretty good so far and has become quite stable. At least I didn't have to toss PFSENSE quite yet…

Although I'm not quite sure that I understand all aspects of your network topology, my inclination (adhering to the KISS principle) would be to put the modem in bridge mode and do all the routing/nat-ing in pfsense.

if the wlan card is supported then it can be any sort of interface, does not matter if its lan or wan

the ADSL router have different LAN address one is 10.0.0.2/24 and the other is 10.2.2.2. Thank you for your quicky feedback. BR

Did you ever get this to work like you had planned…what where the results...where you happy with them?