Next Question, has anyone had experiences running pfsense on Sun X2100 Servers?
Regards There are 10 types of people in this world, those who can read binary, and those who cannot. -----Original Message----- From: Holger Bauer [mailto:[EMAIL PROTECTED] Sent: Thursday, August 03, 2006 9:56 AM To: support@pfsense.com Subject: RE: [pfSense Support] Bridged Multi-Wan Load Balancing Failover Not only that bridging won't work for CARP it won't work with policybased routing (as the name already says) and/or loadblalancing either. How many public IPs do your T1s have? You need at least 3 IPs at each T1 that you can use to set up CARP correctly. The subnet between the pfSenses and the ASA shouldn't be the problem. Just use a subnet that is not used anywhere else in your local network (LAN, DMZ, remote VPN LANs, ...). Btw, you'll have some problems using 1:1 NAT for this kind of setup as you can't 1:1 NAT the same IP (of the ASA) to different WANs (that would be 2:1 what is not possible). You need to go along with portforwards at WAN and at WAN2 to the ASA. Then the state will handle which is the right interface to send out the reply. Holger > -----Original Message----- > From: Scott Williamson [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 03, 2006 4:46 PM > To: support@pfsense.com > Subject: RE: [pfSense Support] Bridged Multi-Wan Load > Balancing Failover > > > 1:1 Nat Accept ALL:ALL? > > There are 10 types of people in this world, those who can read binary, > and those who cannot. > -----Original Message----- > From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 03, 2006 9:44 AM > To: support@pfsense.com > Subject: Re: [pfSense Support] Bridged Multi-Wan Load > Balancing Failover > > Scott, > > Bridging and CARP don't play nicely together, so you're going > to have to > > go another route. > > -Gary > > Scott Williamson wrote: > > Ok so here is the question, I have 2 Wan Links Sprint 3MB connection > and > > Verizon 1.5 MB connection. I am wanting to Load Balance across both > > connections and use a secondary pfsense firewall for failover. The > > company I work for mad a sizeable investment in 2 Cisco ASA 5520's > that > > we are throwing into the picture as well. Here is a rough > diagram of > > what I would like to do: > > > > > > Sprint T1's| |Verizon T1 > > | | > > | | > > PFSENSE Main - Standby PFSENSE > > | > > | > > ASA 5520 - Standby 5520 > > | | | > > DMZ LAN DMZ2 > > > > > > I am just wanting to bridge all traffic and the external > IP's through > > the PFSENSE and allow the ASA 5520's to do the firewalling and VPN. > Is > > this possible or is there a better soulution? > > > > Regards, > > Scott Williamson > > > > > > There are 10 types of people in this world, those who can > read binary, > > and those who cannot. > > > > > > DISCLAIMER: > > > > This e-mail is only intended for the person(s) to whom it > is addressed > and may contain confidential information. If you have received this > e-mail in error, please notify us immediately by reply e-mail and then > delete this message from your system. Please do not copy it or use it > for any purposes, or disclose its contents to any other person without > the consent of the sender. Unless expressly stated herein to the > contrary, only agreements in writing, signed by an authorized > officer of > the Company, may be enforced against it. > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
