Thanks a lot!!!

True. If that is what you primarily need, I wouldn't recommnd this router. We only have one server so we don't really need to do any incoming load balancing :)

Yes, you got it. If the routers that you use in front have a DMZ/expedited host feature enter the LAN IPs of the pfSense there.

Did you reconfigure your PCs behind the pfSense? They now have to use the pfSense as gateway and have to be in the LAN subnet of the pfSense. Somehow sounds like they are still using public adresses.

@khuetam:

@DanielSHaischt:

OMG - SmoothWall as a replacement for pfSense :'(

Hi all,
Does Smoothwall support multi-wan?

Maybe not the right forum to ask about smoothwall but afaik it doesn't.

@hoba:

Just install an additional nic in your machine. Then after powering up go to interfaces>assign in the webgui. There should be a + icon now as there is a nic that is not yet assigned. Just click it and the nic will be assigned.

Thanks for fast answer.
Follow your help, I added the fourth NIC to my pfsense.

What was used for this?  Was it Quagga or openospfd?

nb

@sullrich:

Not at the moment although it's something we want to look into.

I'll revisit the OSPF package in a moment and atleast get it where you can telnet into it for configuration and make sure it auto starts, etc.

@Timmeh:

Hi everyone, I would really appreciate some help if possible.

Here is my current setup:

WAN1 –[Modem]–----
                               |
                             [pfSense]–-----------LAN
                               |
WAN2 --[Modem]–----

Modems are Dlink DSL 300T.
These modems pass the public IP addresses over to each PfSense interfaces.

Pfsense Interfaces:
LAN IP = 192.168.1.254
WAN1 IP = Static IP (manually configured) = x.x.x.46/30 | GW: x.x.x.45
OPT1 IP = Static IP (automatically Via DHCP) = x.x.x.9 | GW: ??

The LAN users are currently using the WAN1 for internet access, everything is working fine.
The LAN users cannot use OPT1 for internet access for some reason. The link is up and ping-able from outside.
I think it has something to do with routing.
The default route for pfSense is set to the Gateway address of WAN1 (x.x.x.45).
However the Gateway address of OPT1 is set to 127.0.0.1.

I have read almost every post on the forum regarding dual WAN and load balancing which are relevant.
I have also read the two guides available on the pfsense website.
One thing that is still not clear is about the hardware side of the situation.
Is it absolutely necessary to use a router in between each modem and pfsense in order to set up the outgoing load balancing and automatic failover?

I am also having trouble setting up the load balancing configuration because of this.
What IP addresses can I use for the monitor IP's?
PfSense tells me it cannot use the IP addresses already assigned to the interfaces.
I do not have enough public IP addresses to add any to a pool either.

Many thanks in advance for any input given or anyone who can point me in the right direction regarding the load balancing pool with specific details.

Follow this:
http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing

I successed with this document.

Thank you. Much appreciated :)

@XK:

I have two DSL connections and I want to use PfSense as firewall / NAT router.
I want to use load balancing for all my traffic but I will route some specific traffic on WAN1 or WAN2.
If one WAN drop, is it possible to automaticly route all its specified traffic on the other WAN interface?

A parital solution to your problem is discussed here:
    http://forum.pfsense.org/index.php?topic=2583.msg15171

Please note that this is not officially supported by the pfsense devs, so do not file bug reports or complain if this solution does not work for you.

Reflection is only supported on the LAN interface.  There are no workarounds.

Sorry.

No one has any clue?  Seems like this would be a common setup.

Hi,
I finally had time to Change my Wan Interface from PPPOE to a static Ip with a Modem router in front of it. After the change I rebooted. An now Portforwards are working with Advanced Outbound NAT on the OPT-WAN Interfaces and Policy Based routing.
From my point of view there seems something not real working if you use PPPOE on the WAN interface, maybe the developers could take a look into it.
Regards

You have to use one dns of each of your wans at system>general setup. Also add a static route at system>static routes through the optwan to the dns-ip/32 of the optwan.

@scarpy:

Thanks very much for BACKUP function on PFSense!!  ;D

I'd like to modify Raja's monitor-gw script to add this function to my PFsense box:
When monitor-gw script changes the default gateway,
i want it to change the 1:1 NAT rules for my PCs
In other words:
I need to NAT my LAN IP addresses in different ways depending on which is the
default gateway at the moment.

Some details:
My LAN is 10.0.0.0/24 with static IPs.

My WAN1 is 192.168.1.0/24 (PFSense NIC is 192.168.1.1)

My WAN2 is 192.168.2.0/24 (PFSense NIC is 192.168.2.1)

My default wan is WAN1.

I want to use NAT to change each LAN ip from 10.0.0.x to 192.168.1.x.
When my default wan (WAN1) is down, PFSense must use WAN2 and must nat each ip
from 10.0.0.x to 192.168.2.x

Thanks in advance for any help.

Bye,
Alex

you can do that 2 ways a hard one and a simpel one
the hard one you need to edit the rules.debug file on the fly from the monitor script and chanche the wan interface there to the one that is active

the simpel way is to copy the rules.debug file to 2 files
/tmp/wan1.rules and /tmp/wan2.rules
edit the wan="interface" line in both files to the correct interface
let the script afther chancing the wan interface
the correct rules file run

pfctl -f /tmp/wan1.rules
      for wan1
pfctl -f /tmp/wan2.rules
      for wan2

That did it!

When changing the gateway from LBtoWans to default I noticed there was an "OPT2 - OPT2" gateway appearing in the dropdown menu. Don't know where it came from.

Anyway, thanks a lot hoba, great support and great product!

http://wiki.pfsense.com/wikka.php?wakka=OutgoingLoadBalancing

Thanks … that got rid of the syntax error.

-- Phob

You need to use the lan ip if as source if you try to ping through the tunnel from the pfsense itself. Try from a client behind the pfSense or use as source the LAN IP. At the webgui for example use interface lan at diagnostics>ping. Other option is to add a static route to remotesubnet via gateway lan IP of local pfSense.