@Nachtfalke: I am thinking of a small home router like a small d-link, netgear, zyxel, fritz!box, speedport Just something really small, quiet, less power consumption. http://www.reichelt.de/?ARTICLE=37669;PROVID=2028;&utm_source=Preisvergleich&utm_medium=CPC&utm_campaign=google_feed Didn't you get any Modem, Router from you ISP ? Yes but my cable modems doesn't have advanced firmware. It's like a usb modem. (does not have router function) Do not have NAT-Firewall anything. Thanks.

Only way this would work is to bond connections…  Since your using two transport methods Im not sure how well that would work...  Your ISP would have to support it...

Right now both links are from the same ISP, fibre + WiMax. In the near future the secondary link will be switched to another ISP. We'll be doing some tests with DNS failover (not load balancing), we'll see how it goes…

The vlan interface names on 1.2.3 (vlan1, vlan2, etc) have no correlation to the vlan tag. If you have four VLAN tags setup, you'll have vlan0..vlan3. On pfSense 2.0 the interfaces are renamed to reflect the proper tag and parent interface. For example if you have vlan tag 20 set on bge0, it gets named bge0_vlan20.

Maybe i'll travel around a globe someday, but not today. there is no way that personal budget can stand that kind of investment. Good that it was solved. Can you tag first post subject field with [solved] or similar

ok will try. thank you!

It seems that the latest fix was the real one

You are posting in the "English" section of the forum ( not spanish ) Which version of pfSense are using you ? Have you checked / readed the Docs ?  http://doc.pfsense.org/index.php/Main_Page Have you used the "search" option before post ? estas posteando en la seccion en ingles, utiliza ese idioma con que version de pfSense estas trabajando ? Consultaste la documentacion ? usaste el buscador antes de postear ? Saludos

All you did is ok. The rules are applied from top to down. So if there ist traffic with destination port 80 and 443 your rules for GW1 will be applied. All other traffic will use you GW2

update ! atleast to a stable 1.2.3 release , but i'd suggest you try the 2.0 latest rc3

You don't have to have nat on servers, but if you do it would be easier to access those servers in same subnet. create a virtual pfsense machine to see what it's capable of or try to read documentation. then you see that this product can do almost everything except brew coffee or shave my beard

with filtering bridge you should use 3 interfaces for management. filtering bridge is transparent in network means, so it has no ip-address to show to clients ok as usual using search helps a lot and ofcourse documentation wiki helps with how-to's and tutorials. you can block websites with transparent squid+squidguard

that subnet from where you want to ftp trafic to go out, usually lan. but if you have like opt3 from where you want to trafic to go out then you should change the rule to opt3 interface and any other concerning things also

you should not use ap in modem, you should have wireless nic in pfsense or other ap device after pfsense to get that desired protection

I repair it whit LAGG ;) INTERFACES -> LAG yeee!  Thanks ;)

Read here of Maximum Transmission Unit

great then