Internally, users are using the DNS from pfSense, but I don't believe that I can specify to users connecting through on pfSense to use the pfSense DNS. There is an option to set WINS, which I have done - but this doesn't actually seem to be any help
@Perry:
Does Status -> Interfaces show a working NIC?
Problem Solved.
Interfaces were not showing in Internet Explorer, but in Firefox I can see all interfaces.
Thanks
You can also make the torrent program use a static source port for outgoing connections if the program supports it (Azureus Vuze does, for example), then you can match the traffic based on the source port and direct it to a specific WAN.
I would add another NIC.
If you cannot do that, a VLAN-capable switch and a trunk to the pfSense might be the solution.
I would avoid working with shellcmd aliases because they're not supported in the GUI.
The second rule from the LAN makes no sense:
TCP LANnet * 127.0.0.1 8000-8049 WAN2Gateway
TCP LANnet * 127.0.0.1 8000-8049 WAN3Gateway
The order to process the rules is from top to bottom,
and I understand well that you are trying to disable FTP.
If I'm right, just put a rule on every NIC to block FTP.
@ginosteel:
As you posted, it seems that in the LAN rules you let only:
TCP LAN net * 193.178.175.1 * OPT1 VPN Comp 1
TCP LAN net * 193.178.175.2 * OPT1 VPN Comp 2
Try to add a new rule based on your needs for the third comp.
There is no third comp on the other side of the VPN, only two exist. My problem is that the Cisco external interface somehow gets an IP from pfSense from the LAN interface and I don't know how this is possible. This mostly happens when I boot pfSense before the Cisco, and when this happens the Cisco of course can't establish the VPN connection. If the boot order is right then all works OK and any computer behind pfSense (on LAN) has access to the 193.178.175.0 network and internet…
First of all, try to let the traffic pass through all the interfaces LAN, WAN1, WAN2, and after that just start adding rules to your LAN, but be careful: if you need to specify that, for example, port 80 goes to WAN1 and port 5050 goes to WAN2, you also need to specify the gateway for each of them, and in your case it must be WAN1 and WAN2.
This option would only apply if the traffic would enter on the WAN and immediately leave again out the WAN.
Okay, and since the rules don't allow anything in from the WAN, nothing can enter either. Understand.
The LAN only has one rule. It's a * on everything and allow. =)
The subnet is not physically connected to any of the pfSense interfaces. The VLAN switch has a physical connection on the LAN side to one of our internal switches.
I only did some simple failover testing with a lagg group as the WAN, but the GUI allows you the load-balancing options also. 2.0 is ALPHA, so there could be some rough edges. I would not put it into production without doing a lot of off-hours testing first. Also review the issues on the 2.0 testing board.
OK, I will have a look at this, maybe I can change anything to one firewall….
Can someone tell me what the interface switch in the routing settings is for?
If you don't understand why a single route is enough, you should read up on how routing and static routes work.
Until now I would say I know how routing works... but maybe I have to improve my knowledge, thx.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.