Multi-WAN - Impossible to use an other gateway

Greg 0

Hello,
I have 2 WAN: 192.168.1.1 and 192.168.1.253.
And I want to put a psfense firewall to control the flow between its 2 boxes.
The ip of the firewall would be 192.168.1.232 and forwarding to the boxes.
Thus, each PC will have the IP of the firewall as its gateway.

Currently, the flows manage to pass through the gateway 192.168.1.1, but impossible to pass the flows on the other gateway.

The following input errors have been detected:

IPv4 address is used or overlaps with: LAN (192.168.1.232/24)

viragomann

@greg-0 said in Multi-WAN - Impossible to use an other gateway:

IPv4 address is used or overlaps with: LAN (192.168.1.232/24)

That's correct. You cannot put two interfaces of pfSense into the same subnet.

If you need to have both routers in the same subnet for whatever reason, you have to put a switch in front of pfSense.

Greg 0

Thank you for your reply,
That is to say, put the router on a 2nd VLAN?

viragomann

@greg-0
Two ways:

• each router is connect to a different pfSense interface: set up different subnets for each.
• both routers are connected to the same interface: put a switch between and use the same subnet on both and pfSense.

Greg 0

Hello again,
I changed my box address to 192.168.100.254.

Now I have a firewall with 3 interfaces:
192.168.31.232 (local network)
192.168.31.230 (WAN) : Gateway 192.168.31.61
192.168.100.100 (WAN2) : Gateway 192.168.100.254

I carried out ping tests and my machine on the LAN can communicate with my 2 WANs, however, how can I ensure that the HTTP and HTTPS flows only pass on WAN2 and the rest of the flows on the other WAN?

thank you for your help

NogBadTheBad

@greg-0 said in Multi-WAN - Impossible to use an other gateway:

Hello again,
I changed my box address to 192.168.100.254.

Now I have a firewall with 3 interfaces:
192.168.31.232 (local network)
192.168.31.230 (WAN) : Gateway 192.168.31.61
192.168.100.100 (WAN2) : Gateway 192.168.100.254

I carried out ping tests and my machine on the LAN can communicate with my 2 WANs, however, how can I ensure that the HTTP and HTTPS flows only pass on WAN2 and the rest of the flows on the other WAN?

thank you for your help

You still have an overlap unless its a typo.

Re the HTTP & HTTPS question search the forum for policy based routing, it's one of the more common questions here.

https://docs.netgate.com/pfsense/en/latest/multiwan/concepts.html#multiwan-policyrouting

A Former User

Is there one router only in front of the pfSense and I was not getting it right out how many pfSense boxes will be in that game! Anyway, what you was trying out in the first post will be able to set up since version 2.7.0 of pfSense will be out.

The second thing you should know, is how it works.

1. Set up a Gateway group
2. Set up Tier1 and Tier2
3. Choose a load balancing method between three;

• policy based routing
• service based routing
• session based routing

Set up your load balancing and Gateway rules and marl the WAN interfaces accepting the "class c" IP addresses.

Read slow again, word for word, the last comment from @NogBadTheBad

You still have an overlap unless its a typo.