Videos and audio not working.. Help plz!!
-
I've never used the captive portal feature so I may not be of much help. :(
However, as it says in the docs wiki, it's much the same as that for m0n0wall which is well documented here:
http://doc.m0n0.ch/handbook/captiveportal.htmlI can't see any reason why you couldn't do it with your setup.
Steve
-
Sorry … But I can't find any direct setting in firewall rules where I can assign these gateways to set of lan ips!!
-
I've never tried this either I was just speculating but..
Set the source in the firewall rule to network then divide up your LAN by defining, say, a /27 (30 addresses).
E.g. 192.168.1.1/27 (192.168.1.1-30). The only problem with that is that in that case 192.168.1.31 is seen as the broadcast address so is not included. :-
A better way might be to define some aliases for your LAN client groups.
Yes, just tried it and that works much better.
Add an alias with type network(s) and divide up your LAN address space, 192.168.1.1-192.168.1.32, for example. Add aliases so you have divided up your LAN into 5 groups.
Add firewall rules with source, alias LAN1-32, gateway WAN1.Like I said I've not tried this but it should work. It has a number of drawbacks though. If one WAN goes down that group of LAN IPs will not have access. It will not share the load evenly, if your heaviest users are all in group 1 they will have a problem. :-\
Steve
-
You could make 5 gateway groups, each with a different WAN as tier1 and the others rolling down in priority:
WAN1-Priority-Group - WAN1 = Tier1, WAN2 = Tier2, WAN3 = Tier3 …
WAN2-Priority-Group - WAN2 = Tier1, WAN3 = Tier2, WAN4 = Tier3 ...
WAN3-Priority-Group - WAN3 = Tier1, WAN4 = Tier2, WAN5 = Tier3 ...
WAN4-Priority-Group - WAN4 = Tier1, WAN5 = Tier2, WAN1 = Tier3 ...
WAN5-Priority-Group - WAN5 = Tier1, WAN1 = Tier2, WAN2 = Tier3 ...Then have your aliases for each group of users, e.g.
Group1 192.168.1.0/27 (0-31)
Group2 192.168.1.32/27 (32-63)
Group3 192.168.1.64/27 (64-95)
Group4 192.168.1.96/27 (96-127)
Group5 192.168.1.128/27 (128-159)
(splitup the range of IPs that your users actually get into 5 reasonably subnet-able ranges)Then have 5 rules, each rule feeds one of the alias 'Groupn' into the matching WANn-Priority-Group.
Then, if a WAN is down, that group should failover into the next WAN. But any single user on a single local IP will have all their traffic directed to a single WAN link at any one time.
This is a manual load-balancing and failover scheme, but at least it ensures that 1 client IP will go out over 1 WAN and appear to have 1 NAT'd IP address to all the internet servers it accesses. -
Yes of course, that solves the fail over problem. :)
However you can't just use /27 as it doesn't include the first or broadcast address, 0 and 31 in the first subnet 32 and 63 in the second etc.
The alias entry page can generate the required networks by entering a range, 192.168.1.1-190.168.1.32 as I said above. It results in this:192.168.1.1/32, 192.168.1.2/31, 192.168.1.4/30, 192.168.1.8/29, 192.168.1.16/28, 192.168.1.32/32
Which looks nasty but is correct!
Steve
-
thanks very much guys … for the help
I am using subnet 192.168.0.1 ...
then this should be my setup?Group1 192.168.0.0/27 (0-31)
Group2 192.168.0.32/27 (32-63)
Group3 192.168.0.64/27 (64-95)
Group4 192.168.0.96/27 (96-127)
Group5 192.168.0.128/27 (128-159)can start addresses from .. 192.168.0.50/27 (50-81)
and in aliases i say the option of hosts/network /url etc ....
so can I defines particular ips in aliases list .., may be I can list all the ips in aliases list without following the above approach -
Don't use the /27 notation for the reason I outlined above.
Use alias type network(s) and enter '192.168.0.1-192.168.0.32' etc.
Steve
-
Hi Steve … I followed your instructions ... I have made all the aliases groups and load balancing groups ... have put all the users on static ips
I saw I can't move the groups up or down ... so I guess I need to delete the old Load balancing group ... ??
and I was wondering then what should I put gateway in LAN .. default or can I recreate a group like old one and put LAN on to that ... I guess in this ways it will handle the left over IPs to ... presently my IP list is 120+ -
You need to have the new rules corresponding to the groups at the top of the list since the firewall matches rules on a top down basis.
It would be a good idea to have a default rule below these to catch anything that isn't matched. You can use the default gateway for this or a loadbalancing gateway.
Does it look like this is working?
Steve
-
Its working ))) Thanks Steve … I am really thank full to you and this forum ... I never expected this type of response ...
I have implemented the setup partially ... just for now 2 WAN .. actually I couldn't sort out the IP ... I need a little a time for that may by the end of the today I will manage implement the setup ...
and other three WANs are working on the old Load Balancing group ...
One more thing ... I asked you about the configuration of my pfsense earlier that can it handle the through put of 250 Mbps (in other topic) ... you said yes
But whenever I go to speedtest ... it never crosses 135 Mbps (usually around 120 Mbps) ... is it normal for speedtest .... ( I am using cat 5e wire for gigabit link to GBswitch) -
I have read that speedtest.net does not give an accurate result above 100Mbps but I am unable to test that with my two WANs (20Mb and 40Mb). I can say that it uses both my connections and gives a value usually around 56Mb.
You can test the connection by manually starting some large downloads on each WAN. It's a PITA though! :P
Steve
-
Hi … I arranged whole setup ... All working good ... Finally everything is settled ... For the time being I am not too worried about the speedtest ... Well I really appreciate your help Steve and this forum ...!!!