Wan DHCP is 192 168.1.1

I decided to test this tonight. Installed Avahi, left it on it's default settings. Added a single Floating rule as per the screen shot. The printer will add and work as a printer, but nothing regarding the scanner. Windows doesn't seem to detect it. I'll try in the morning connecting the printer to the LAN and manually adding a new TCP/IP Port and see if Windows is happy with that. Then move the printer back to the wireless network and see what happens when I update the IP Address. I'm still unable to see my Chromecast from the LAN and the Smart TV (wireless) can't see the NAS (LAN) So I've not got something set up right. Any other ideas ? thanks [image: IGMP.jpg] [image: IGMP.jpg_thumb]

Glad we got it worked out, great that you were in chicagoland, and thanks for lunch! ;)

Thanks. I realize that, but being new to virtualization, I wanted to be sure that I have the right overall concept.

Ohhh Eureka!~  Found the part in ntopng where I can see point in time reporting for bandwidth usage. There may be an easier way to navigate to there, but I did the following: 1.) At the bottom, middle of your screen you'll see live I/O (small) graphs. 2.) I clicked on the "Incoming" interface stat (arrow down) 3.) click on the time graph on the top nav bar for that interface 4.) On the Timeseries timeframe click on the blue scale to select the window you want to see stats for. 5.) Hover your mouse on the spike to show details on the right side of your screen. :) thanks!~

On pfSense 2.4 with OpenVPN you might have some luck with an SSL/TLS VPN that uses TLS Encryption+Authentication (–tls-crypt). It provides extra privacy and protocol obfuscation. That and moving it to another non-default port might help.

Thanks for the reply. I plan to look at this shortly, but I may have an issue if I use IGMP Proxy. I'll open it as a new thread to save any confusion. But it may have an impact on how I can use the Chromecast or AllStream to my TV (wireless) from my PC (LAN) Thanks

I use untangle with the home license  switched from pfsense for better filtering and utm features  and have it working with vlans fine so to tell the truth  I am very happy with ut and have not experienced  any slow downs compared to pfsense, So I really am not seeing the use case of pf sense here just use UT as firewall/router  also,  the less complications the better things work

"@johnpoz (repeatably:)) said, it didn't have anything to do with multicasting" I never said that once - what I said repeatedly is that it has nothing to do with PFSENSE.. Since pfsense has ZERO to do with clients talking to each other on the same network.. Pfsense is a GATEWAY!!  Of that network if clients want broadcast or multicast pfsense gives 2 shits ;)  And has nothing to do with that..

Activating the RAM disk options for /var and /tmp under System > Advanced on the Miscellaneous tab will reduce the amount of writes.  This is extremely effective on standby members of a two-node cluster on heavily-utilize internet connections!  Disk writes went from up to 100MB/s to nearly zero on the standby firewall in the HA carp cluster.  Since the firewalls are servers with plenty of ram, I set the ram disk sizes to 1 GB for /var and 500MB  for /tmp .

That iTel looks like a pretty good service if the use case is right.

Why do you want to specifically use pfSense here when all you seem to need is a proxy server?  Any *BSD or *nix box could do that for you. I've never heard of a single-NIC config where the NIC is WAN.  I also haven't had the need to actually configure like this, so I don't have direct experience.

Once the VLANS have been configured on the physical interface they should be listed in the drop down menu at the bottom of the interface selection with "ADD" to the right (I've attached pic from my home unit) Once added you can then configure the IP addresses / etc of them and should be able to bridge them from there.  

@hypernative: Dial on demand.. that's new information for me. The line is fiber.. Why i want it to be restarted compeltely: The router is running is a VPN-client, all traffic is routed via the external vpn source. If the VPN provider has problems, and later when the VPN service is UP again there can be scenarios when the router has to be restarted.. Well I was referring to reauthorizing PPOE (if you were using it), and again, can't you build an IPSEC tunnel on the pfsense directly to the remote end, that would bring the tunnel up when it sees interesting traffic instead of involving another random bit of hardware running it's own VPN client?

There is a recent hangout explaining how to use OpenVPN as a WAN (PIA, etc). It goes into detail regarding policy routing. Yes, Gold Membership gets you access there. October 2016 pfSense Hangout on OpenVPN as a WAN with pfSense March 2016 was Multi-WAN: https://portal.pfsense.org/webcasts/index.php?video=160624666

So… it seems to be the LRO that is decreasing the throughput. I'll keep you informed. *edit: i think that and some performancetuning helped.

Ok. Found my miracle. One firewall rules block this.

i would stop trying to measure from/to the firewall. This is pointless & incorrect. try this & report back: iperf-server<->routerWAN | routerLAN <–> iperf-client