(Assuming we are talking about load balancing) To differentiate the 3 modems, just use different monitor IPs for each. You dont have to use the gateway IP address as a monitor ip. You can use your ISPs DNS servers , web servers , routers - anything that will respond to a ping. To find these IP addresses you can run a traceroute or use something like nmap. You can even use google.com as a monitor.
sai On 7/20/07, William Smith <[EMAIL PROTECTED]> wrote:
Hi Again, I've asked questions about this previously and have gotten much help, Thank You. Now I have some questions that will help me clarify in my own mind the best approach to my specific network. I will state some facts to begin with. 1 I have 3 separate DSL lines all from the same provider, each is given a static ip based on login name/password 2 I am content with the "load balance" function with no other needs to direct or traffic shape certain traffic to a specific wan. my modems can be setup several different ways, I would prefer to go the bridged ethernet, and have pfsense do the PPPoE authentication on all interfaces but seems not doable on the pfsense opt interfaces so.... I can set up my DSL modem/router to DMZ the ip that is handed off to pfsense WAN, OPT1 and OPT2 When the modem is setup that way, and its DHCP enabled, and pfsense gets its ip via DHCP client, the modem hands it the "outside" static ip NOT an ip in the subnet of the DHCP server in the DSL modem/router. If i look at the status of the interfaces in pfsense I will see Status up DHCP up MAC xxxxxxxxxxxx IP my static ip Subnet mask 255.0.0.0 Gateway 68.152.xxx.xxx DNS etc... One of the problems is that ALL 3 of my gateways are the same. I've double checked this by using each wan dsl modem and my laptop. So how does pfsense distiguish each wan if they all use same gateway on the "other" side at the ISP? Or is this simply not a good way to do this. I know that I can just assign public ips 192.168.0.1, 192.168.1.1 and 192.168.2.1 to my dsl modems and use them as the gateways for the load balanceing setup but isn't this an unneeded router "hop" and just adds to the latency time? Then it seems to get messy if I need to access the web config for the dsl modems from the LAN side and my DSL modems have no web authentication so they are vulnerable from inside my LAN so more rules would be needed. Well, maybe I am just being too picky? But the one main reason for now is that I want my pfsense ips to be my "outside" static ips so that I dont have to monkey around with both pfsense AND the dsl modem/router just to pinhole the firewall. I'm not having to much luck getting through both the dsl modem/router and pfsense. Any ideas, thoughts? Thanks for listening to my rambling and any wisdom you might impart my way. Cheers, Bill
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
