Just look at Firewall->Virtual IPs.
Linux as its way pfSense has its way.

Search before posting.

Sorry about the late reply.

It sounds like you're not changing the outgoing rule. You need both the NAT rule (or just use AoN) and a firewall rule on the LAN interface that sends matching traffic out your second WAN. The NAT rules are just there to perform NAT on traffic leaving those interfaces coming from the specific networks, while you need the firewall rules to actually direct the traffic there in the first place.

If you want to load balance you need to set up the round robin pool in the load balancer and use that as your the 'gateway' in your firewall rule instead of one of the WANs, but I'd suggest that you get it set up such that you can route traffic manually out either interface and that's working properly before you try and get load balancing/failover going.

Thank you so much for the help, that worked perfectly!!!!!!

-Altrez

Oh thanks, I solved the problem by entering dns server ips in the DHCP server properties

If you need to use squid, you could put it on a separate firewall or server that is behind pfSense.

@cmb:

OPT2 probably has the same gateway IP as OPT1 or WAN, which won't work. Put in a NAT box between if that's the case.

Thanks !! That was exactly the problem, the funny thing is that the modem itself renewed the offer from the DHCP and changed the gateway to the same of the WAN !

Anyway, thanks !  ;D

Hi Sir,

This issue are solve. The dlink nic cause the problem. I try to change other nic.

Thanks

@enrico1976:

I have the same situation discussed on a previous post:
http://forum.pfsense.org/index.php?topic=9542.msg54139

It seems there is not a solution on this thread.
Is this right?There is a way to instruct the OpenVPN gateway different to the default gateway on pfSense?

Yes there are options, depending on whether it's a client or server. It's detailed in the book.  http://pfsense.org/book

No, not with any open source solution I'm aware of (without hacking monitoring scripts yourself to modify routing based on throughput).

That's doable. The best source of info is the book, it details how to set that up.  http://pfsense.org/book

I got new etherlink and now i need to setup wan pfsense.

In my attachment is my Status: Interfaces. Is that OK? I think it is. ???

Can you tell me now what`s wrong or you still need more information?

1.JPG
1.JPG_thumb

@djc6:

@GruensFroeschli:

No you dont need static IPs on your WANs.
However what you need is different gateways on the different WANs.

Is this so you can ping the two gateways to see which link is up?  My Time Warner Cable and Verizon DSL gateways would always be different, since they own different IP spaces.  However, my gateway COULD change and my Dynamic IP changes - do you have to manually tell pfsense what gateway to check, or does it just automatically check the gateway that is handed down via DHCP?

This is to be able to differentiate between different WANs.
You can only have one gateway per interface.
And the interfaces need to have different subnets.
(Otherwise you cannot route)

@GruensFroeschli:

One common setup is to have a modem-routers in front of the pfSense which do NAT.
Then have static (private) IPs on the pfSense.

Wouldn't this lead to double-NAT'ing?

Thanks for the reply!

Yes this would lead to double NATing.
But this shouldnt be a problem since in most modem routers today you can define a "DMZ-host" to which all ports will be forwarded.

1.0.1 is out of date.
Update.

The configuration is centrally stored in the config.xml

Hi,

Problem solved…..

Shame on me...
Deleted and recreated all load balancing pools & rules. Good occasion to clean up things. working fine now.
For the arp story, it was clearly a nonsense from me. The network range from the modem is set to 192.168.10.X after my lan 192.168.5.X... The arp tool scan/sort results ip by range, ascending...
I saw all my wans and then my lan machines so I stopped... So stupid (and impatient) I am.

Good lesson for the future, be patient and think few seconds.

Sorry for disturbing you and thx again for your answers.

Hi

I think the problem is tha Squid currently supports only 1 gateway (WAN1).
Disable squid transparent mode.