New install + Multi WAN <=> Only one WAN functioning
lexje last edited by
First of all a big thank you for such a beautifull pfSense!
I'm trying to get my head around this for a couple of days now and do realize that I have a whole lot to learn about networking and firewalls, so please bear with me…
What I try to achieve:
Living in a place with bad internet connectivity, I'd like to couple 2 or 3 ADSL internet lines. On has about 7 - 8 Mbs download, the other has 4,5 - 6 Mbps at best.
In my ideal world I'd like to be able to sum these and get something like 11.5 - 14 Mbps. I'm not sure if this is possible at all, but after some studying I think it should be possible.
The 2 incoming ADSL lines have their own modem. One is Siemens Gigabit SX762, the other is Sagem B-Box.
pfSense is running on a triple NIC machine.
I have configured WAN, OPT_WAN and LAN.
Internet connection is working.
But apparently it is only sending/receiving on WAN and not on OPT_WAN.
Also speedtest indicates only one internet connection is working..
When I do some pinging to files.pfsense.org from both outbound WAN and OPT, I receive all packets witt 0% packet loss.
So this says that DNS and outbound access is working.
Did some googling for MULTI WAN setup examples.
I own the Definitive Guide, but am somewhat confused about MULTI WAN configuration.
-> If I understand correctly, in previous version this should be configured under Load Balancing, but in 2.0.1 this should be done using routing groups.
This leaves me thinking I must be misunderstanding the firewall rules section.
The Definitive Guide also doesn't document Floating rules if I'm not mistaken.
I would be very grateful if someone would be so kind to hand me some advice on how to work this out!
Please let me know if you need more information about my configuration. Can snippets of the backup.xml file help?
Thanks a lot!!
![Screen Shot 2012-11-07 at 23.40.33.png](/public/imported_attachments/1/Screen Shot 2012-11-07 at 23.40.33.png)
![Screen Shot 2012-11-07 at 23.40.33.png_thumb](/public/imported_attachments/1/Screen Shot 2012-11-07 at 23.40.33.png_thumb)
Heliborn last edited by
I have only recently started working with pfSense, but from what i have read and understood as well as previous experience, you misunderstand the way Multi WAN works.
You can't simply get multiple connections and expect to have their combined bandwidth as a single connection without the cooperation from your ISP.
The Definitive Guide is made based on an older release of pfSense. It does not have the updated menu pages nor the updated settings.
Multi WAN will allow you to use your DLS lines in a round robin fashion. pfSense will simply send one connection through one WAN, the next connection through the second WAN and so on. You can weigh you WAN links if they have different speeds based. That way even if one can do double the bandwidth, you will not over utilize any one link. (This is done through Tiering of the WAN links. You can place them on different tiers to use the second WAN only as a backup)
Each connection needs to have a unique gateway for this setup to work. I believe PPPoE connections are the only one that are the exception.
Now here is a quick overview of how to get this working.
Setup you NICs first. configure each connection on a different NIC.
Then go into Routing -> Gateway Groups and create a new group with your WAN links. Configure this however you want interms of tier.
change the default rule in the firewall to use the newly created GW.
You should do a bit more searching if you need a more specific example or a more complex config.
heper last edited by
you shouldn't need to create 3 gateway-groups for what you try to accomplish.
Create only 1: Tier1 BGC & Tier1 Dommel
Then go to your firewall rules, to the LAN tab. adjust the default any-to-any rule, scroll down to the advanced section.
Change the gateway to your newly created gateway-group.
You do have to realize that Pfsense will not gain you speed difference with typical http/ftp connections (see previous post).
It should however speed up when you use P2P or speedtest.net