I tcpdumped on the VLAN in question. With avahi off I do not see any multicast packets to port 5353 coming from the pfsense. No matter what configuration I do in PIMD. Once I enable AVAHI however I see tons. Something with pimd is not working (at least here) and I would greatly appreciate any suggestions.

This is fundamental to a decent Fw in todays world. If PfSense intend to play a part in that world, this is basic stuff that needs to be fixed asap.

@kiokoman Hi, thanks for your interesting about the question. Yes I tried several time with multiple configurations: the most obviously was create vlan 0.836 where igb0 is the main interface where is still attached vlan 0.835 for internet traffic. Telecom says 10.10.10.2/30 so I supposed gw for vlan 0.836 is 10.10.10.1, but with or without gateway the connection isn't really active. So I disabled "monitor gateway" considering it active (i have so many doubts about it as i can't see any relevant traffic on this interface), then I created firewall rules on new WAN 0.836 "any to 224.0.0.0 proto IGMP with applied "allow IP control" option and "any to 239.0.0.8 proto UDP "with applied "allow IP control" option - then on interested internal lan (called IPTV) "allowed IGMP and UDP from network IPTV to 224.0.0.0", in the end I enabled IGMP PROXY with upstream WAN 0.836 and downstream LAN IPTV, nothing to do, I'm missing something, pheraps more than something ;)

It seems that it can't be fix at the moment. Other people stumbled upon the same problem.

Using a phone hotspot doesn't work for my use case. I was really hoping there would be a way to make pfSense obey the firewall rule to route out the specified gateway.

@viragomann Finally got around to reinstalling and reconfiguring from a clean install. I am happy to say that it solved the problem.

@viragomann Hi, sorry for the late feedback. I got it running. Connected the WAN part from the NanoPi to the eth3 and gave him LAN network. And the LAN port from the NanoPi then to the switch.

@viragomann Many thanks!! That makes sense, although this is really bad :( With your keyword I found an article in the A1 forum. There they indicated that the A1 support could fix that somehow for the guy. The only thing I need is that they forward the ports, well, I will chat with them, let's keep fingers crossed. Thanks again!

@mushymiddle all good points :)

Seems the issue was with my route. I had to specify the ip and not only the dev e.g. route add 10.0.0.0/16 via 10.240.0.1

@swemattias I learned somethings from these websites: https://github.com/ahuacate/pfsense-haproxy/blob/master/README.md https://docs.deeztek.com/books/pfsense/page/pfsense-haproxy-softether-vpn https://cbonte.github.io/haproxy-dconv/2.2/configuration.html

I think this redmine issue might be covering a similar issue https://redmine.pfsense.org/issues/855. Does anyone have a work around for voip connections so far?

@johnpoz Ok, I was so blind Thank you!

@steveits Got it working. Thank you!