Thank you for all the reply I really appreciate the help. My last question would be incase i get my hands on resources like additional ip address for my WAN(s) like 3 each. Do i need more LAN cards? currently have 3 on each. Would my current setup will be suffice in order to make it high availability internet and firewall failover? If so can you guys help me with the diagram if its not too much to ask? Thanks thanks!

What I do for cases like this - HTTPS and whatnot, is to create a "Failover" loadbalancer (or two) configured similarly to the loadbalancer one - then create a firewall rule on LAN (in your case for 'destination TCP port 2082') that uses the Failover gateway you created instead of the loadbalancer - that way you'll stay on the one interface/IP unless that link actually fails.  I'd prefer this to assigning a single gateway as it still provides functionality should you lose one WAN link.

You may need to check the signal strengths you're getting (Status > Wireless) it might be getting interference or who knows what. Wireless is always a PITA to debug.

Yes, /32 effectively refers to a single IP address.  I suggest you google "subnet calculator" if you want help with IP subnetting. @RangerJoe: If I am doing a single IP will it be a /32?

Thanks very much for the help so far. I take it you only know pfSense, and not the load balancing code in pf?

Thanks Perry – I did indeed have private networks blocked. Stupid user error strikes again... I am also using a nearby DNS as the monitor.

yes, fxp0 is "WAN" - though that interface (in native mode as fxp0) isn't being used for much. Inbound NAT and all of the VLANs work fine, and outbound NAT to IPs on both "fxp0" and the OPTWAN interface living as tagged traffic are fine.

That's comparing apples to oranges, it's not a good test. It would have been much less effort to setup IPsec or OpenVPN than mess with PPTP for a site-to-site link. That said, you might also double check your other PPTP server settings. In particular, the "Server Address" should be an IP in the same subnet as "Remote Address Range".

I do not know the fit123 package but unless it has the latest 2.0 filter.inc modification regarding dyndns it will not work.

jimp, Thanks for the info! I'll give that a try on Monday,back at the salt mines… On the taken out Linux based firewall it does have the following static route entry: 192.168.1.0/24  gateway    192.168.10.5 It's been a while since I have even been at this building so this looks kinda funky to me as well? It does work though?,,,:) I'll give your suggestion a try and see if the machines & phones can work,with that configuration. Thank You, Barry

I withdraw the complaint in shame and bewilderment - I can no longer reproduce the problem! I have just done 6 tracerts to the fixedip address, and they all went through the correct gateway. Thanks very much for helping though (and at least my SMTP rule works properly, now you've kindly debugged it for me)  :D

Thank you jimp.  That's what I thought.  Case closed.

Thanks GruensFroeschli . However, when the cable line is running in max speed during P2P. Does the adsl can take care (load balance) other incoming connection ? Thanks! Ken

That is not traffic shaping, as you had in the original subject. It's called policy routing. I moved the post to the multi-wan forum, but that is all covered in the Multi-WAN tutorial here: http://doc.pfsense.org/index.php/Multi-WAN_Version_1.2.x

Just connect a client behind the pfSense and access the internet. If you've set up your pools and rules using the pools correctly, you will see the traffic balanced on both WANs.

@GruensFroeschli: I doubt that the problem lies with the DNS forwarder itself. The DNS forwarder just forwards DNS requests to the DNS-server you configured. What DNS-server did you configure for the pfSense? Did you check the box "Allow DNS server list to be overridden by DHCP/PPP on WAN". Yes, DNS forwarder is just forwarding DNS requests but like I've mentioned previously something weird is happening. I've already tried a number of DNS servers already i.e. ISP's DNS, OpenDNS, Google's DNS, the result is the same, also unchecking/checking "Allow DNS server list to be overridden by DHCP/PPP on WAN" did not help.