How to set up 2 internet interfaces against 1 lan and divide resources on those



  • Hi there…
    Have been running pfsense for some time but are facing a challange that goes beyond my skill-level.

    Had a normal setup with one lan and one wan... 6 adresses on the wan that i used for portforwarding. That worked quite good but mostly i did not understand the Aliases and virtual adresses. But after some fiddling around i got it working. The resources i have right now is 2 webbs and one FTP that are on the inside...

    Now the tricky part (at least for me)

    Ordered and got delivered a new 100 MB line that i want to dedicate to the FTP.
    But I can not understand the basic steps for this. And the problem is that the more i read the more confused i get.

    Could someone give me some "steps to implement"
    like.. 1. create alias ... 2 Create manual NAT rule ... 3 go for lunch

    I would really appriciate this.. (of course.. a pointer to a understandable post would also do it :)

    /Regards Ingemar




  • This has been covered a lot lately. try to use search. if you don't still think that you could handle this, update this post again.



  • Hi Metu69salemi..

    Yes i noticed that in this forum there are a lot threads about this.
    My problem is that those are written by people above my newbie skills.
    Therefor when they start to discuss L7 , Proxy Carp , Load balancing and stuff i´m lost already there :-)

    I´m having a 2.0 and want only the basic 2 webhosts available through the 10 mbit company line
    and the FTP available through the cheap 100 mbit ADSL.

    Furthermore i´m puzzled by the most likely simple fact that it says "put that rule before the default rule"…. since i can not even see the default rule, assuming that the dafault role is to deny all traffic that is not implicitly granted.
    Maybe its more easy to install one more pfsense :-)

    and i tried the wiki and i spent about this whole day reading all those threads.. and i´m just more confused :-)
    There is however one thing i have not tried... There is a "wizard to create multi wan connections" but that would
    most likely destroy everything.. and this is in production.

    /Regards Ingemar


  • Rebel Alliance

    Use policy routing  ( serch for that on the forum )

    http://doc.pfsense.org/index.php/What_is_policy_routing%3F



  • Hi again.
    Now i officially give up.
    Tried to follow the advices given in those two threads:

    http://forum.pfsense.org/index.php/topic,39018.msg204041.html
    http://forum.pfsense.org/index.php/topic,39650.0.html

    But those does not work.. There are advices that are not possible to execute in those threads
    and there are a lot of suggestions about things that´s not confirmed if they really where executed.
    but anyways… not working for me.

    There would of course be good if someone could summerize those threads and write down
    the settings that was done... (and worked)

    Until then i will have to go for one extra cisco router and static routes and all that shit :-)

    /Regards Ingemar



  • FTP TO GO OUT VIA DIFFERENT GATEWAY MANUAL(modest version)

    1. Make sure you have the another up and running ok
    2. Make sure you have aliases for ftp server ip-address and needable ports
    3. Check in what subnet(interface) that server is
    4. Goto that interfaces rules tab and create new rule
      4.1) Pass RIGHT_SUBNET TCP FTP-SERVER-IP_ALIAS * * FTP_SERVER_PORTS
      4.2) goto "advanced features:Gateway" and select your desired gateway

Locked