Netgate Discussion Forum

    2 wan and protocol binding

    • riccio99

      Hi all,

      I have set up the firewall with 2 WAN and 1 LAN with load balancing.

      I also added protocol binding because I want all traffic from all computers on the LAN that goes through port 1588 to go out with WAN2.

      I would also like that, when WAN2 is down, no traffic for port 1558 from LAN computers goes through WAN1. I want it blocked.

      How can I do it?

      thx

      • Derelict LAYER 8 Netgate

        Yeah, that gets tricky due to the nature of policy routing.

        Make a policy routing rule on the LAN interface at the top of the rule set that matches all traffic destined for port 1588 and set the WAN2 gateway on the rule. Also set that rule to mark the traffic with something like "WAN2_ONLY".

        Then make a floating rule on WAN1 in the out direction that rejects all traffic if it matches the WAN2_ONLY mark.

        Search the forum for NO_WAN_EGRESS for examples of the same technique.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)
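
The two rules described in the reply above, written out as a pf-level sketch. This is an added example, not part of the original post and not output generated by pfSense; the interface names, the gateway address and the tcp/udp protocol list are placeholders and assumptions.

```pf
# Added illustration. All macros below are placeholders, not values from the thread.
lan_if  = "igb1"           # placeholder LAN interface
wan1_if = "igb0"           # placeholder WAN1 interface
wan2_if = "igb2"           # placeholder WAN2 interface
wan2_gw = "198.51.100.1"   # placeholder WAN2 gateway (documentation address)

# Floating rule on WAN1, direction out: reject anything carrying the mark.
# The tag travels with the packet, so it is still set when the packet is
# evaluated on its way out of WAN1.
block return out quick on $wan1_if all tagged WAN2_ONLY

# LAN rule, placed at the top of the LAN rule set: policy route traffic
# destined for port 1588 to the WAN2 gateway and mark it WAN2_ONLY.
# Protocol is an assumption; the thread does not say tcp or udp.
pass in quick on $lan_if route-to ($wan2_if $wan2_gw) inet \
    proto { tcp, udp } from any to any port 1588 \
    tag WAN2_ONLY keep state

# Assumption about gateway-down handling: by default pfSense keeps a rule
# whose gateway is down but writes it without the gateway, so the traffic
# would follow the default route. The rule still applies the tag, which is
# what lets the WAN1 block above catch it. With "Skip rules when gateway is
# down" enabled the whole rule is omitted and no tag is applied.

# The existing load-balancing (round-robin) LAN rule stays below this line
# and only sees traffic that did not match the port 1588 rule.
```

To check the result, take WAN2 down and confirm that connections to port 1588 from a LAN host are rejected and never appear in a capture on WAN1.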

        • riccio99

          Thank you for the quick reply.

          Do I have to leave the protocol binding and round robin, or do I have to cancel all and set the rules you suggested?

          Thank you!

          • Derelict LAYER 8 Netgate

            What I suggested completely bypasses the round-robin configuration since you are explicitly policy routing to that WAN, as long as those policy routing rules are higher in the rule set.


            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.