@vd: Thanks for you answer. I really thought that pfsense could be a solution for my problem. What a pity. Thanks anyway Regards Vincent Replace the watchguard with pfsense? –Bill

Ok, a lot of thanks  ;D

You have to add multiple VIPs at wan and then use 1:1 NAT to translate the IP-Ranges. However this is extremely "dirty" but if that's your only way to do it…  :- I guess you need "ProxyARP" or "CARP" as type "other" doesn't involve macreplies.

@RoboK: HI, what abou t your problem with FTP. I have the some problem with listing FTP site if I ahve configured and working Load Balancing. Any ideas to resolve it? FAQ.  FTP does NOT work with load balancing.  Search the faq before asking questions.

you can put as many IPs in the pool your hardware can handle (nics, cpu-power,…) It's plain roundrobin. You can fake some "weighting" by entering some of the gateway IPs twice in the pool (A,A,A,B if you want it weighted 3:1 for example), and yes, already established connections will remain at the same gateway they were originally initiated.

Thank you CraigRoy for your detailed description. I was fighting with the same problem and finally your case study helped me to solve it.

Solved/moved: http://forum.pfsense.org/index.php?topic=677.msg6547#msg6547

Turned out to be only a matter of the way it was tested. It seems that it worked right from the start :)

Now I Feel Like a big jerk…... when I switched networks,  never bothered to change my gateway on my bittorent server.  just a simple route del / route add, and the packets are flying........ Everything is flying down the right paths and which is nice,  I think I can do just fine right now with what I have,  not bad for my house BTW..... this is a wonderful project.  Keep up the good work.  If you every need a half wit like me to beta test I will......  just be warned RTM is going to be my first tatoo

This has been covered 4 times.  I am not kidding. Please search.

A PIII 500Mhz can do 80Mbps to 90Mbps with just a single WAN connection (WAN->LAN, LAN-WAN), using packet filteirng and NAT. (Same with a VIA C3 1Ghz…But I was using Intel NICs) Once you start adding things like Squid, Samba and such, it drops down. It won't be a problem for 2x 10Mbps lines.

@charles.regan: I think i'Ve found the problem. my monitor ip where all the same for all gateway. i've checked the routing table and the route for the monitor ip was rl3. that should explain the problem. weird that it worked since version 0.6. what should be the monitor ip ? if my gateway is 201.120.51.1, can I use 201.120.51.1 as the monitor ip ? thanks It will add a route for the monitor IP to the refferenced gateway. If you enter always the same monitor IP for all gateways it will overwrite the previous route and you'll end up with only one route. The monitor IP should be different for each gateway. You should set the monitor to a hop near you at the appropriate interface. Depending how your connection is set up the gateway IP or the first hop after your gateway might be a good choice.

VIPs of type ProxyARP and Other might work depending on the way your connection is set up. For the command line type alias you'll have to wait for 1.1.

Guys – monitoring is currently broken.  We're working on a fix.  This should be set to go in Beta 3 which is scheduled for release tomorrow but this issue may push us back to Sunday.

I could uploaded them on my server with your name and stuff if you'd like… :) Just contact me! :)

thanks figured it was something simple. just when i did status.php in m0n0wall all my routing entries went back to loopback and had no direct route. So i thought i had to add them "statically" using the iproute command.

I recommend upgrading pfSense to the latest snapshot (as of Apr.1/06); it has an olsr fix. As for the questions, I also am interested in any answers posted. -pc

The "alias" VIP-type will be in pfSense 1.1. CARP only works if the additional IP is in the same subnet of the real interface IP. If that is the case it should work. You'll need additional firewall rules for the CARP IPs to allow this traffic depending on the rules of the Interface the additional IP is configured on.