Dual-Wan Same Subnet
-
Hi i have a problem about routing with dual wan on the same subnet
WAN1 : 142.xx.xx.27/25 gateway 142.xx.xx.1
WAN2 : 142.xx.xx.41/25 gateway same for both interfaceI have an OpenVPN tunnel that work correctly if I used the first WAN IP but if I try to used the second WAN IP ( I give .41 to remote clients for server IP ) the response from the server come from the first IP (.27) and because of that the OpenVPN clients refuse connections ( that's suppose to come from .41 ) . Any suggestion or IDEA?
-
see http://forum.pfsense.org/index.php/topic,1692.0.html for a possible workaround.
-
Do you think that proxy ARP will do the job correctly, I mean that if connect my modem together on the same card with a Proxy ARP for the second IP ?
-
Found something about problem with routing on Dual-Wan with Open BSD Doc
look at this
http://www.benzedrine.cx/pf/msg06535.html
I think that PFSense need an option to apply the "reply-to" option to is settings
-
After reading some documentation about openbsd i think that te problem is because PfSense does'nt implement the "REPLY-TO"
Read This
http://www.openbsd.org/faq/pf/pools.html
OpenBSD Doc are really done well!!!!
I switched from OpenBsd to Pfsense because I really love the web interface but I think that the command line will never be replace by a GUI , OpenBSD i'm back home!
-
We do use reply-to. Check /etc/inc/filter.inc.
-
We do use reply-to. Check /etc/inc/filter.inc.
So do you have an idea why my setup does'nt work?
-
Check out tutorials page on pfSense.com. It includes all of the steps that are needed to make this work correctly.
http://www.pfsense.com/index.php?id=36
-
http://wiki.pfsense.com/wikka.php?wakka=OutgoingLoadBalancing might be interesting too.
-
After reading some documentation about openbsd i think that te problem is because PfSense does'nt implement the "REPLY-TO"
Read This
http://www.openbsd.org/faq/pf/pools.html
OpenBSD Doc are really done well!!!!
I switched from OpenBsd to Pfsense because I really love the web interface but I think that the command line will never be replace by a GUI , OpenBSD i'm back home!
This issue has nothing to do with reply-to or whether we use it or not (we do). It has more to do with how we detect the gateways to auto-create the reply-to. I'm confident that we ignore duplicate gateways. I expect some day I'll change that code, but I'm sure that's what's biting you. If you can insert a layer 3 device between WAN2 (binat if you need to) and the duplicate gateway, your problem will likely go away.
–Bill