Make sure when you are switching devices behind the modem that you hard reboot the modem as it will stick to one MAC address at a time.. when it is not in bridge mode it becomes that one MAC address by itself so you don't have to worry about the reboot process. But in this case pfSense is the router and the interface of your win needs to be that MAC address..

@Bob-Dig I am not said wireguard, i am said the WAN.

@tgl I looked into that. They combine TV and Internet service and the non-residential TV service sucks. That's why I went this way. At present, it is only personal playing with software development and the extra expense was not warranted for having 2 internet services.

@StormGate said in Mac Filtering ISP Side:

I knew not to make any changes as it is always the ISP

Put that one first 👍

@frog

You are better off with an external modem that connects via Ethernet. Makes it completely transparent to pfSense.

LM1200

$40 from Netgear, $25 from Amazon

I have the older LB2120 connected to pfSense for dual WAN failover.

But I came across this

Huawei E3372s LTE USB-stick
Link interface: /dev/cuaU0.1
Init string: &F&C1&D2E0S0=0

And this

Modems reported to work as Ethernet devices
Huawei E3372-325

https://docs.netgate.com/pfsense/en/latest/cellular/hardware.html

@Lauryx Ok, so perhaps it's the Static route that you are missing then. If you go into System / Routing and static routes you need to add a route to 192.186.0.0/24 using the Wireguard Gateway.

Again, how you do this on the OpenWRT side is something I don't know...

@pablomichelin NAT the entire subnet at each end like the Netgate docs then.

Documentation

@Gblenn To be honest its not very often i do it. just a pain if i have to and then restart the process.

@Gertjan oh cool i will give that a try

@khb But to answer your question. You should use the 2100 because of the superior feature set and support that comes with it compared to Edgerouter 4. Not to mention pfBlockerNG and so on.

@CFC Thanks for the reply Glad you are back in business. I'm about to swap out my pfSense firewall for a dumb router and see what happens.
If the problem remains I'll follow your route. If the problem goes away I'll know its the pfSense.
Thanks for the feedback.

@Altamir said in Multi WAN:

Is the Claro modem using PPPoe or PPPoa by chance?

@coxhaus ok maybe something to think about. I have a tp link switch with layer 2/3

@alfredudu de onde vem esta informação?

@Farh
Disabling reply-to on the accessed node - yeah, this could be a reason.
When enabled, replies are directed to the gateway, which is stated in the interface settings.

Disabling reply-to could lead into issues with multi-WAN setup, however.
To avoid this, you can add pass rules to the top of the WAN rule set only for the source of the WAN subnet and disable reply-to in the advanced options.

@viragomann Perfect, that worked! Thanks!

bridge-fixed.png