  • I have searched everywhere and all I see is that this has been fixed. But on my FRESH install I am still seeing the following.. (see attachment)

    WAN the WAN3 are all part of a 4 port NIC that is using a Digital chipset. WAN for is s standalone Intel.

    Any hints or ideas on how I can get this corrected. I had it all configured up to put in place of an older Firewall and then when I made the switch my routing was not working of course. So I had to plug the old box back in till I could figure this out.



  • WAN, WAN1, WAN2 and WAN3 are all on the same subnet. Are they bridged or grouped?


    IAny hints or ideas on how I can get this corrected.

    What exactly do you want corrected? I think you will have to provide some more information about what those WAN ports are connected to and how you want them to operate.

  • I have 5 static IP Addresses and each interface will have its own IP but they will all route thru the same gateway.

    The only difference in the new firewall and the old one is the 4 port NIC is not in use on the old setup but the config that I want to do is the same and is working there. Not sure if this is maybe a strange hardware issue or something else.

    The only difference in the new firewall and the old one is the 4 port NIC is not in use on the old setup but the config that I want to do is the same and is working there.

    This doesn't sound to me as if the new config is the same as the old one!

    I still don't understand what you are attempting to do. Perhaps you want to send incoming traffic from the internet out a particular interface based on the DESTINATION IP address in the packet.

    But you said the config that you want to do is the same as the old one without the 4 port NIC and that suggests to me that whatever you have connected to the 4 port NIC is not in use which seems to make it a rather pointless exercise.

    And you haven't answered my previous question: What exactly do you want corrected?

    Perhaps a diagram of your network (including internet connection) and explanation would help me understand what you are wanting to do.

  • Maybe I'm misunderstanding too, but it sounds like Slicer101 is trying to use multiple static IP addresses, which should really be assigned as Virtual IPs and all go out the same interface if they have the same gateway, rather than creating multiple interfaces, one for each IP address.

  • Yes. I am trying to use a Multi WAN config and yes if I could I would use the Virtual IPs setup and be long done with this whole issue.

    The reason for this is that my ISP has a very stupid @$$ was of handing out a Static IP. I have AT&T U-Verse and the Residential Gateway device they use has to hand out the address via DHCP AND it needs an interface to hand this IP out to. As I said. STUPID.

    I host 4 domains and then I have one spare IP. Currently on the new 2.0 system the spare IP is assigned to the single Intel NIC. The other IPs will be assigned to the 4 port NIC and proper NAT rules will be put in place. This same BASIC config is in place on my 1.2 based system using a separate NIC for each IP.

    Does that clarify what I am trying to do?

  • I'm guessing you have a single physical connection to the Internet and you want to use the four port card to connect to each of four servers with pfSense acting as a firewall between the servers and the Internet.

    This doesn't fit with your description of this as a multi-WAN configuration (which I would take to mean multiple connections to the Internet). But I can't see any detail of multiple connections to the Internet.

    If my guess about your configuration is correct, then it would seem to be a simple matter to have a separate subnet for each of the servers and setup port forwarding rules on the WAN interface so that anything to publicIPaddress1 is forwarded to server1 on privateIPaddress1, anything to publicIPaddress2 is forwarded to server2 on privateIPaddress2 etc. And one of those 5 publicIPaddresses would be used for pfSense itself.

    I don't see why it is necessary to have the 4 port card in the scheme I suggested. The four servers could all be on a single subnet. But using the separate interfaces allows greater control over interactions between the servers.

    Did I make a good guess?

  • I guess I just need more sleep…..


    1 connection to the internet.
    5 static IP addresses
    1 pain on the butt residential gateway that has to assign the static IPs via a weird DHCP setup to a REAL interface.
    4 hosted domains (web, mail, etc.)

    Trust me guys. I am fully aware of all the ways that this SHOULD be done. I am also aware of the limitations that are imposed by my U-Verse config and the lack of thought they put into allowing the use of static IPs.

    Everyone ask questions about what I am doing but no one has even tried to address the issue of the Gateway status. Understand this. A 1.2 based system is working with multiple NICs. I want to try now to use one slot rather than 4 to get the same results. One port of the NIC is coming up and working while the other 3 sit in Gathering Data. THIS my friends is the issue.

  • Wow. I don't have a solution, but I'm definitely happy with my choice to NOT use U-Verse at this point if that's the junk you're required to go through! My sympathies.

  • The U-Verse would not be an issue really if not for the Static IP address need.

    Does not seem anyone else has a good answer as to why the Ports on the NIC are coming up either.

  • I don't have u-verse myself, but I am somewhat familiar with the limitations of using the static addresses imposed by their junk CPE. You don't need to use different physical interfaces, though–my understanding is that if you use CARP type virtual IPs, that each VIP will have a unique MAC, which will then work with their braindead CPE. Regular Proxy ARP VIPs do not have unique MACs, so that type will not work.,28184.0.html

  • Sweet.. Thanks sleeprae!!

    I knew there had to be something out there that I could not find.

    I will give this a try a little later.

    Thanks again!

