@viragomann Thanks for the reply. I'll the setting and give it a test.

@fatherprax no, that's not my problem. I don't use DHCPv6 either. I use RA. My WAN interface requests a 56 prefix instead of just 1 address. and my LAN interfaces are just set to 'track interface' and they get a bunch to give out to their devices. You can go to https://ifconfig.co/ or do a curl -6 https://ifconfig.co/ That should work on your machine, if it doesn't, then you don't have a valid ipv6

Can't figure it out. Since i believe what i need is called router-on-a-stick i made Port 1 to pfSense a trunk. But no matter what i try in the switch settings i cant open the Slate GUI (10.145.130.1) or the Player (10.145.130.2) on my Workstation. Port 1: pfSense Port 3: Slate Port 6: Workstation What is the correct setting: [image: 1668429342212-1.png] [image: 1668429347978-2.png] [image: 1668429356977-3.png] [image: 1668429363242-4.png]

[image: 1668230741737-d9d0f870-9f6d-4b88-bbb9-00dd82775ef9-image.png] Also i tried both WANGW and the failover and the same behavior. For browsing it won't use the primary IP assigned to WANGW

@derelict I cant give you more than that at the moment... We havent received any info regarding the expected implementaton.

@viragomann I thought it would not work because the additional encryption domains, are not local to the Sophos either But thanks, I will give it a try.

@nazar-pc so interface can be slow of no dns.. So while your dns is in the middle of switching over, or something - yeah you could prob see a slow down in the gui.. Lot of times it like checking for a update, and rest of gui doesn't want to load until that is finished sort of thing.

@johnpoz Yah, I just was about to post that I figured it out. Something must have gotten mucked up with the default gateway which was pointing to the MAC address for some strange reason. I just deleted the gateway and added it back again and boom, working!

Hello viragomann, yes those were typos unfortunately, it should read (Copy&Paste the Lines :D): LAN1 (192.168.147.1/24) -> Pfsense ETH0 WAN1 (192.168.3.1/24 Fritz.Box) -> Pfsense ETH1 192.168.3.2 WAN2 (192.168.4.1/24 Fritz.Box) -> Pfsense ETH2 192.168.4.2 WAN3 (192.168.6.1/24 Fritz.Box) -> Pfsense ETH3 192.168.6.2 I will try the helpdesk article thanks a lot!

Ok. I did. And now I post here, because the static route is too permissive, and restrictive firewall rule doesn’t work. Can anyone help?

@umtsti These are the same settings as you posted above. So I'm wondering, why it would behave different now. Anyway, these settings only affects pfSense Name Resolution normally, If you have configured your Network as you said above. However, there might some settings be different. That's why I suspected a DNS issued.

@ricardotestamonede So you have to configure the Fortigate for Multi-WAN. You should provide a separate network port on pfSense and connect it to the second WAN of the Forti. On the pfSense interface allow any upstream traffic. Consider to block access to the local network if desired.

policy based routing service based routing session based routing