Edit: Success. I had to add switchport trunk allowed vlan add x where x is the vlan id. I wasn't putting "add" in there. Then things worked perfectly. Plugged in to fa0/2 I get 192.168.10.x and fa0/2 I get 192.168.20.x. Solved!

Set management ip and subnet, make sure that this ip is usable and in same network than your firewall Set your wireless settings Turn dhcp off from that wireless router connect only power cable and lan cable from your network switch or firewall(pfsense) and connect that cable only to lan side no wan at all Enjoy

Sure, Firewall > Virtual IPs.

If that all in the same subnet you could use Proxy ARP or CARP VIPs, if they are in the same or different subnet, you could use IP Alias VIPs.

Sounds like something plugging into that switch is causing a layer 2 loop - two bridged NICs going to the same switch, for one, would do that. The switch will work for a few minutes until some traffic starts going around and around and then it eventually melts down.

That's easy in 2.0. Just add an IP Alias type VIP for IPs in the other subnet, and you can then use it on your WAN directly as if it were the IP there.

With 2.0 you can define additional gateways.
Create such a gateway for .254 and then use it in the firewall rule on the LAN.

Ok that makes sense . I was applying the rules to the bridge interface its self. The wan and the the servers behind the firewall connect to the same gateway. So i want to be clear. By default all in bound traffic is blocked just like nat? IF that is the case how can i setup open the same ports to different ips? For instance if i have a web server on 99.98.99.45 and on 99.98.99.44 how can i pass port 80 to both?

They start charging overage fees ($1.75 / GB I believe) :(

It work now! It was the windows firewall on the computers with windows7. The server with w2003 and the xp machine worked, i tested on them and then the light went up, its windows again;) Thanks for all the help!:D

@cmb:

@jasonlitka:

An extra 4-5ms of latency is worth the potential bandwidth bonus to me.

It's extremely rare that it would only be 4-5 ms, most people have higher latency than that to their first hop, but if that's the case for you it really doesn't matter whether you tunnel everything through or go straight out. Usually 40-60 ms is more like it unless it's on the same ISP and/or geographically very close with a good direct route that doesn't route you all over. Adding 4-5 ms won't make any real difference, 40-60 is a major difference.

Agreed, 40-60ms would stink, but I don't have that.  :D

A1: pfsense is able to do what you required in less then 3-4 seconds :)
A2: you can choose to use failover or loadbalancing (round-robin) or even both at the same time for different protocols/destinations/…
A3: you can use 1.2.3 for this but me personally would advice using 2.0 as it is a big improvement in tons of ways and it's nearing completion and has been stable for me for months

That helps a lot for what side to put the rules on thank you. If I still cant get it to work I will put up screen shots.

Ah, that's nice!

I've done it like this now, and the configuration part of it seems to work just fine … I'll try an automatic failover this weekend.

Thanks a lot!

From what I understand you want, yes, pfSense should do this just fine.

I think ill be re-installing pfsense tomorrow rc3 V2.0 and starting all over, wish there was a step for step guid to get this working.

I did manage to setup one of my Cisco / linksy RVS4000's lastnight and got all my vlan's working perfectly so i know my switch is setup properly at least.

I had an appointment and sat down with the technical department of my ISP today.

Tech noticed the setting "ppp multilink fragment disable" was set on their end and not on my router…

So question would be whether or not this should be set or not...  But since it was easier to have them turn it off I asked them to.

Now my mlppp connection is behaving correctly.    ;D :)    ( Insert partying smiley here. )

So question to the dev's...    Could this setting be included on the advanced section of the ppp's page for others that may be having issues to try??