Transparent Shaper not working in Transfer LAN

  • I succussfully configured a transparent shaper on a 3-nic hardware. I only will shape outgoing Traffic!

    I'd used the LAN nic only for dummy usage … it's not connected and used (only for initial configuration). WAN and OPT1 are bridged. It' works fine if i put the shaper in a simple LAN like this:

    |Internet| ---  |(WAN) OtherRouterDoingNat (LAN)| --- |(WAN) pfSenseShaper (OPT1)| --- |(LANSubnet with LocalPCs)

    The LAN subnet behind the OtherRouterDoingNat is /24 ...
    ... WAN and OPT1 on pfSense are bridged and configured on this Subnet eg. /24

    I'd set up the queues and rules manually and shaping works very well if my PC is one of the local PCs inside the subnet configured on pfSense at the WAN interface as well.

    My Problem is now, that if i try this in a bit more extended environment i'll get problems:

    |Internet| ---  |(WAN) OtherRouterDoingNat (TransferLAN)| --- |(WAN) pfSenseShaper (OPT1)| --- |(TransferLAN) CoreSwitch (DifferentLocalLANs)| --- |DifferentLANSubnets with LocalPCs|

    If i'm not located inside the TransferLAN ( behind pfSense it's not working! From the DifferentLocalLANs pfSense blocks the traffic. I think my problem is caused of the IP Adress configured on WAN which lies or lies not inside Transfer LAN ...

    ... pfSense now blocks any other Traffic which source is not from the TransferLAN itself but rather from the "behind lying" DifferentLANSubnets!!!

    Is there a possibility to tell pfSense to pass all Traffic through the bridge/shaper, also if the Traffic is from different subnets (other than configured in Interfaces/WAN)?


  • … may be someone knows a solution or a similar open source product, which can do that (shaping Traffic going through with no need of filtering the traffic)? But please no pure *nix/*bsd solutions as this is too complicated for me ,)

