• GRE tunnel results in dead slow upload

    1
    0 Votes
    1 Posts
    433 Views
    No one has replied
  • Config PFS Load-balancing / failover without NAT

    1
    0 Votes
    1 Posts
    214 Views
    No one has replied
  • Dual LAN gateway "split tunnel" client?

    8
    0 Votes
    8 Posts
    1k Views
    W

    @viragomann
    I believe I found what I'm looking for. I have pfSense running in KVM under Ubuntu. I am going to use Libvirt to create 2 MacVTaps, instead of using a brctl bridge for the LAN connection. This should also be a faster connection than the linux bridge, according to some web articles.
    This is not a pfSense config issue, so may not be appropriate for this forum.

  • Routing Disney+/Netflix Over Non-VPN Interface

    20
    0 Votes
    20 Posts
    3k Views
    T

    @satisifed-stew Great news! Glad you got it working, and sorry for sort of dropping off this thread. I'm a pretty casual forum user myself though and didn't have other ideas at the time. Thanks for following up for anyone who may have the same issue.

  • LTE 4G Modem on WAN appears to sleep/disconnect

    1
    0 Votes
    1 Posts
    486 Views
    No one has replied
  • 2 Wan 2 LAn

    2
    0 Votes
    2 Posts
    464 Views
    bingo600B

    @katiasishost

    Looking here is a great start
    https://docs.netgate.com/pfsense/en/latest/index.html

  • IGMP proxy restart needed for IPTV

    1
    0 Votes
    1 Posts
    365 Views
    No one has replied
  • Policy Based Routing of return traffic

    5
    0 Votes
    5 Posts
    2k Views
    Y

    Thank you, I’m banging my head on that issue for days, it would be nice if a mention was made in the documentation that reply traffic doesn’t go through PBR.

    My solution will be to setup a dedicated pfSense that will have a default route through VPN (OpenVPN in my case)

  • how to assign default gateway to a gateway group

    4
    0 Votes
    4 Posts
    518 Views
    jimpJ

    It wasn't supported back then. That is ancient.

  • Routing magic; would someone explain this please

    3
    0 Votes
    3 Posts
    243 Views
    W

    @wtw
    I figured this out. I will create a new post with a resolution, since it encompases more than this specific post.
    This issue is closed.

  • Load balancing across 2 VPN instances

    7
    0 Votes
    7 Posts
    732 Views
    W

    @wtw
    This is not resolvable without changing OpenVPN to incorporate a 1:1 NAT to completely hide/isolate the conflict from pfSense.
    I consider this issue closed.

  • Multi LAN NIC Woes

    5
    0 Votes
    5 Posts
    635 Views
    J

    Was hoping to see some other responses, but clearing the rules and re-adding them in a specific order fixed my problem.

  • Dual CenturyLink DSL connections

    3
    0 Votes
    3 Posts
    931 Views
    S

    @chpalmer I tried. Unfortunately not.

  • This topic is deleted!

    1
    0 Votes
    1 Posts
    5 Views
    No one has replied
  • Adjusting thresholds for packet loss

    2
    0 Votes
    2 Posts
    338 Views
    Raffi_R

    @bhjitsense
    Here is a screenshot of where you can access those settings. Go to the location shown for your Cellular gateway. Then click on the "Display Advanced" button at the bottom.

    1b341c15-c6ba-4103-8ebf-b2d3dc33ab78-image.png

    After expanding the advanced options, you will see the screen below.

    dbac8604-8e10-4a8f-8a70-cd96184f6613-image.png

    In order to do what you're requesting, it sounds like you have to change the lower and upper Packet Loss threshold to 100.
    The Time Period is the time that the sampled data is averaged over. This is set to 1 minute (60000). Therefore, with that remaining with the default value, the 100 percent loss would have to occur for more than a minute since the 100 percent loss would be averaged in with the time before the failure and the time after the failure which had zero loss or close to it. At least that's what I would think. I could be wrong.

    Alternatively, you could do what I did and simply Disable Gateway Monitoring all together for the Cellular link. In my case I don't care if my backup Cell link is down since there's not much I could do if that happened to go down at the exact same time my main link went down anyway. That's just a scenario I'm willing to accept. If I wanted anything more bullet proof, I would invest the money in a much more robust solution.

  • 0 Votes
    3 Posts
    425 Views
    S

    @viragomann that did the trick thank you so much!

  • WAN dropping every 24 to 36 hours.

    2
    0 Votes
    2 Posts
    175 Views
    F

    A little help would be appreciated.

  • policy based routing question - 2xWAN, one static, one dynamic

    3
    0 Votes
    3 Posts
    370 Views
    S

    Learned quite a bit today ;-) and it works. Thanks for pfsense and the docs!

  • Multi-WAN with same Gateway

    11
    0 Votes
    11 Posts
    938 Views
    mohkhalifaM

    @rico said in Multi-WAN with same Gateway:

    Nice....would you mind share?

    -Rico

    1- You must have router with a Multi-NAT option
    2- You have to configure 1:1 Multi-NAT in your router with any IPs from your router's subnet
    ex:
    WAN IP-01 x.x.x.x = 192.168.1.11
    WAN IP-02 x.x.x.x = 192.168.1.12
    WAN IP-03 x.x.x.x = 192.168.1.13
    3- If needed, Forward the ports for IPs we already made in step 2 and at the same time allow the ports from the router's interface in pfSense
    4- Create a Virtual IPs for each IP we already made in the Multi-NAT configuration "Private IPs".
    5- Create pfSense 1:1 NAT rules for each private IP to our desired Local Server IP
    ex:
    Private IP 192.168.1.11 = Local Server IP 172.16.10.11
    Private IP 192.168.1.12 = Local Server IP 172.16.10.12
    Private IP 192.168.1.13 = Local Server IP 172.16.10.13
    6- Create a firewall LAN rule to pass the traffic and MUST choose the gateway for the interface we are working with.
    7- check the firewall Rules for opened ports in the router's interface we allowed in step.
    That's all

  • ARP Table reporting routes for entire /22 subnet

    3
    1 Votes
    3 Posts
    465 Views
    johnpozJ

    If your connected to an L2 be it a /22 or a /24 or even a /8 running on it, then yes your going to see arp entries for other devices on this L2 network.. This is how networking works..

    The only way to not see other mac address for devices on the same L2 as you would be for the ISP to filter that on their network..

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.