Thanks for the reply, Daniel!
> AFAIK, it should work.
Good to have that confirmed, thanks!
> Can you ping $isp1_gw and $isp2_gw and arp -sn is showing two
> different entries for them?
>From the firewall machine, yes, but not from machines on
the internal network.
> What is the problem? All packets always go to $isp1_gw's MAC?
Seems packets just disappear. Might be that the return
packets don't make it back - will have to set up a
separate test system, as I can't fiddle with the
firewall during daytime.
> Are you using multiple clients on $int_net?
Yes.
> Have you tried adding "keep state(soure-track global)" and
> "set timeout source-track" and checked with pfctl -sS?
No, hadn't thought about that. Thanks - will have to try.
Julf
