Shaper stoped working when I disabled NAT - help



  • Hi,
    I need provide to local users Public adresses and shape total speed for local network 1 mbps
    1. I set at LAN - non IP
    2. Disabled NAT (opening Manual NAT settings and deleting all NAT rules)
    3. Using shaper Wizard and set 1 mbps for Downaload and Upload for LAN and WAN interface.

    I checked at LAN network Internet is working and but speed does not shape.

    what I need to do additionaly? where I missed?



  • What version of pfSense are you using?



  • @podilarius:

    What version of pfSense are you using?

    I am using last version  pfSense-2.0.1-RELEASE-arch.iso.gz



  • Have you adjusted any of the floating rule manually?



  • @podilarius:

    Have you adjusted any of the floating rule manually?

    No I did no do it manually. But I see that all rules in floating rules are for WAN interface there.
    Really I do not know what I need add, that it become working correctly.



  • It should still apply, have your rebooted since you have made the NAT changes?



  • @podilarius:

    It should still apply, have your rebooted since you have made the NAT changes?

    Yes when I disabled NAT I rebooted it. I send to private ip adress for access to my Pfsense.



  • check attachmenet with scheme




  • 1st … LAN needs an IP. It will be public and should be in a different subnet than WAN. This way routing works. If not, you are going to have to bridge and set you devices to use the IP of the WAN as its gateway.



  • @podilarius:

    1st … LAN needs an IP. It will be public and should be in a different subnet than WAN. This way routing works. If not, you are going to have to bridge and set you devices to use the IP of the WAN as its gateway.

    I have done it., I open Interfaces > assign>Bridges
    but shaper still does not work. what else need to do ?

    thanks



  • Actually, when I was looking at it earlier, I did notice that shaper was working in one direction only. I wonder if the problem is because of LAN not having an IP. That should not really matter though.


Log in to reply