2.01, simple load balance two PPPoE to same ISP
In general this appears simple to configure, but I don't know what needs to be done for the last step.
As with my multilink PPP / VLAN experiment, it appears the WAN interface created during the initial setup should not be used since it is going to be replaced by the gateway group later. So assign it to a nonexistent VLAN just to make the initial configuration process go smoothly, and remove it completely later.
NetGear ProSafe GS105E (cheapest 5-port switch currently available that supports 802.1Q VLANs)
Easy 802.1Q VLAN config:
Port 1 - VLAN: 1
Port 2 - VLAN: 2
Port 3 - VLAN: 3
Port 4 - VLAN: 4
Port 5 - VLAN: ALL
pfsense 2.01 initial install:
Will you be using VLANs? Yes
create -> em0 -> VLAN 1
create -> em0 -> VLAN 2
create -> em0 -> VLAN 3
create -> em0 -> VLAN 4
create -> em0 -> VLAN 5 (no assigned ports)
WAN -> em0_vlan5
LAN -> em0_vlan4
OPT1 -> em0_vlan1
OPT2 -> em0_vlan2
OPT3 -> em0_vlan3
Web GUI setup:
Skip the wizard, click on logo
Interfaces -> OPT1
Username / password of first DSL account
Interfaces -> OPT2
Username / password of second DSL account
System -> Routing -> Groups -> Add
WAN - None
OPT1 - Tier 1
OPT2 - Tier 1
Trigger level: member down (default)
Interfaces -> WAN
At this point it is unclear what else I need to do.
There is no firewall rule tab for the "TWO_PPP" gateway group. Can't do anything with it.
OPT1 has no firewall rules.
OPT2 has no firewall rules.
The default LAN rule "Default allow LAN to any rule" seems like it should just automatically direct everything to the gateway group, with the WAN interface disabled. Though, unknown.
Do I need to change this default LAN rule to explicitly point to the gateway group, like this:
(The following will retain the original rule but disable it, as a backup copy.)
Firewall -> Rules -> LAN
For rule "Default allow LAN to any rule"
Add new rule based on this one
Description: Allow LAN to load balancer
Advanced features -> Gateway
Which looks like this:
I do not yet have the second DSL line installed to know if this configuration will be correct.
You seem to have all the right configuration options.
Since you are using VLANs instead of actual NICs, you will need to double check your switch configuration. It needs to have a trunk port to the pfSense box with all the VLAN IDs. The rest of the ports also need to be properly configured with a single VLAN for their respective connections.
Yes, you need to explicitly specify the LAN side rule to send traffic to the TWO_PPP Gateway.
Let try 1 wan connect with pppoe and another is dhcp from your modem.