Split ports from LAN to multiWAN

  • Hi,
    I am trying to learn PfSense and haven't decided whether or not to use it.
    Basically, my small environment has 2 ADSL line from 2 different Service provider and One VMware 5.5 Server that has multiple Virtual; servers. First ADLS line has a modem and internet connection is working fine. first line's subnet is It is connected to a switch and all client connect that switch. Basically, It has been working for a long time.
    I recently got a second ADLS line. the main purpose of getting this line is separating services to multiWAN. Such as, VOIP connection must use Second Adsl and rest of traffic must go to first adsl line. Second line has connected and I tested it. It has network. network cable from this adsl modem is not going to switch. it is connected to directly one of network ports of the physical server.
    I have installed PfSense as a virtual machine and add 2 vNIC cards. one connects to LAN switch ( and this network has gateway (adsl modem), second nVIC connects to Second ADSL line and gateway IP is
    So, PFSense found 2 cards and I manually gave static IP address to those ports and It seems ports are up in PfSense. They are online. Also created 2 upstream IP for those LAN and WAN interfaces in PFSense and upstreams are gateway IPs of 2 adsl modem ( and
    Also I chose LAN is a default gateway
    What I want is traffic from UDP port between 4000-65535 to my VOIP provider's External IP range must use second adsl ( and all other traffic , email http, https etc… must use firs adsl line (

    I created firewall rule, from LAN Subnet port range UDP 4000-65535 to VOIP COMPANY IP RANGE destination and any port must PASS and use gateway
    Second rule is from my LAN to * with any port default pass.

    First question is can I do what I want in PfSense? if so, what should I do?
    If you have any solutions, please give me detailed examples because this is the first time I use Pfsense

  • Yes, it is possible.

    I think what you want to do is set up policy-based routing.  This will allow you to direct traffic to an interface based on a set of rules (policies), such as IP address, port, or protocol.

    Additionally, pfSense has advance capabilities such as QoS (Quality of Service) that can prioritize one kind of traffic over another.  So you could eventually use both WAN ports as either a load balanced pair or a failover pair, and ensure that your VOIP traffic has the highest protocol priority, and that would ensure the quality of those connections.

    It can do a lot, and you'll eventually see the value of some of these other features as you implement them.

Log in to reply