@ironwood Yes, if you have a policy routing rule on an interface you have add an additional route for permiting internal traffic above of it. This also concerns access to services provided by pfSense itself like DNS.

We haven't seen any failures with UDP in our internal testing of reply-to on 2.5.2-RC. The fix in pf was not specific to TCP, so it's unlikely to be related to whatever problem you're seeing with that PBX.

It's probably due to https://redmine.pfsense.org/issues/11296 You can revert the change there or disable gateway monitoring/monitoring actions for the gateway which is the target of the route and see if it helps.

Please Disregard. I forgot to configure my NAT OUTBOUND.

So your policy routing and forcing traffic out wan 1?, because you have not failed over. So yeah how would you get to wan 2 IP something.. What are the rules on your lan - did you set a gateway forcing traffic out that gateway? https://docs.netgate.com/pfsense/en/latest/multiwan/policy-route.html#bypassing-policy-routing

I created one, this seems like it would be a useful feature: https://redmine.pfsense.org/issues/12077

@daddygo I thank you for the answer.

@miesje said in Dual WAN IP routing: I had to remove the dhcp gateway WAN02 from the WAN02 rule, to default. Didn't notice the gateway setting before. No, the gateway option in a filter rule is only meant for policy routing and that is mostly not wanted on incoming traffic.

@pete35 Windows firewall blocks SMB from outside it's own subnet by default..... Did you check that?

Ok that is a start. So you have a vpn to 192.168.4? You have another connection in this 192.168.4 network along with your wan? You are just routing without vpn at 192.168.4 router to 192.168.1? via this public IP? And this 192.168.4 network also has a wan IP in this /29 public network? I REALLY suggest you get with your company IT dept about adding a firewall to your site, especially since it seems they don't even allow you access to your sites router?

@disakos Take a look here.

@kiokoman Thanks, data-payload = 2 resolved issue with one of my WANs

@tharun518 Corrected it.

@dono96 said in Routing thru 2 pfsenses: add more clients and pfsenses Why do you think you need more pfsenses? There is no point to adding firewalls for the sake of firewalls.. You could have hundreds of vlans firewalled from each other with 1 pfsense. FTP is dead - only thing you should be looking to do with that protocol is not use it ;)