Going out different WAN with NAT1:1
-
I'm trying to configure my system to work with 2 WANs from different ISPs.
One WAN has 5 static IPs and the other one has 8 static IPs. I'm running pfSense 1.2.2 embedded on ALIX2D3 hardware,
which has 3 NIC ports. My 1st NIC is being used as a local area network on the 192.168.1.0/24 subnet, my 2nd NIC is being used as WAN1,
and my 3rd NIC is being used as WAN2.

Setup:
NIC 1:
DHCP Local computers: 192.168.1.100-200/24
Public DNS Server: 192.168.1.16/24
Web Server: 192.168.1.80/24
Mail Server: 192.168.1.11/24

NIC 2 (WAN1):
IP: 76.x.x.2/29
Gateway: 76.x.x.1

NIC 3 (WAN2):
IP: 68.x.x.2/24
Gateway: 68.x.x.1

Virtual IPs NIC 2 (WAN1):
IP: 76.x.x.3/32 - 76.x.x.6/32 (Single address)
Type: Proxy ARP

Virtual IPs NIC 3 (WAN2):
IP: 68.x.x.3/32 - 68.x.x.9/32 (Single address)
Type: Proxy ARP

Aliases:
iServers: 192.168.1.16, 192.168.1.80, 192.168.1.11

LAN Rules:
Proto: *, Source: iServers, Port: *, Destination: *, Port: *, Gateway: 76.x.x.1, Schedule:, Description: Servers --> going out WAN1
Proto: *, Source: LAN Subnet, Port: *, Destination: *, Port: *, Gateway: 68.x.x.1, Schedule:, Description: LAN subnet --> going out WAN2

Port Forward:
if: WAN, Proto: UDP, Ext. port range: 53 (DNS), NAT IP: 192.168.1.16, Int. port range: 53 (DNS), Description: DNS Server --> WAN1
if: WAN, Proto: TCP, Ext. port range: 80 (HTTP), NAT IP: 192.168.1.80, Int. port range: 80 (HTTP), Description: Web Server --> WAN1
if: WAN, Proto: TCP, Ext. port range: 443 (HTTPS), NAT IP: 192.168.1.80, Int. port range: 80 (HTTPS), Description: Web Server Secure --> WAN1
if: WAN, Proto: TCP, Ext. port range: 25 (SMTP), NAT IP: 192.168.1.11, Int. port range: 25 (SMTP), Description: Mail Server --> WAN1

WAN Rules:
Proto: *, Source: RFC 1918 networks, Port: *, Destination: *, Port: *, Gateway: *, Schedule: *, Description: Block private networks
Proto: *, Source: reserved/not assigned by IANA, Port: *, Destination: *, Port: *, Gateway: *, Schedule: *, Description: Block bogon networks

Proto: UDP, Source: *, Port: *, Destination: 192.168.1.16, Port: 53, Gateway: *, Schedule:, Description: NAT DNS Server --> WAN 1
Proto: TCP, Source: *, Port: *, Destination: 192.168.1.80, Port: 80, Gateway: *, Schedule:, Description: NAT Web Server --> WAN 1
Proto: TCP, Source: *, Port: *, Destination: 192.168.1.80, Port: 443, Gateway: *, Schedule:, Description: NAT Web Server Secure --> WAN 1
Proto: TCP, Source: *, Port: *, Destination: 192.168.1.11, Port: 25, Gateway: *, Schedule:, Description: NAT Mail Server --> WAN 1

NAT: 1:1
Interface:WAN, External IP: 76.x.x.3 , Internal IP: 192.168.1.16, Description: Public DNS Server
Interface:WAN, External IP: 76.x.x.4 , Internal IP: 192.168.1.80, Description: Web Server
Interface:WAN, External IP: 76.x.x.5 , Internal IP: 192.168.1.11, Description: Mail Server

Interface:WAN2, External IP: 68.x.x.3 , Internal IP: 192.168.1.100, Description: Internet User 1
Interface:WAN2, External IP: 68.x.x.4 , Internal IP: 192.168.1.101, Description: Internet User 2

Problem:
I'm able to get all the servers to go out on WAN1, and I can see that each server goes out with its own public IP that I have set for them in NAT1:1. However, I'm not able to get the computers 192.168.1.100 and 192.168.1.101 to go out on WAN2. Am I missing something?
-
Problem:
I'm able to get all the servers to go out on WAN1, and I can see that each server goes out with its own public IP that I have set for them in NAT1:1. However, I'm not able to get the computers 192.168.1.100 and 192.168.1.101 to go out on WAN2. Am I missing something?
You seem to have the correct rule (the second LAN Rule). Try replacing the source directly as 192.168.1.0/24. Set the type to Network and put in the address range directly.
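
A way to sanity-check the posted rule set offline, added here as an example that is not part of either post and does not talk to pfSense: it models the LAN rules as first-match, top-down, and treats a 1:1 NAT entry as effective only when its host is policy-routed out the interface the entry is defined on. The function names and data layout are hypothetical; the addresses and gateways are copied from the question with their masked octets.

```python
import ipaddress

# Constructed from the settings posted in the question. The masked "x.x"
# octets are kept as posted, so gateways and external IPs are plain strings.
GATEWAY_IFACE = {"76.x.x.1": "WAN", "68.x.x.1": "WAN2"}
ALIASES = {
    "iServers": ["192.168.1.16", "192.168.1.80", "192.168.1.11"],
    "LAN Subnet": ["192.168.1.0/24"],
}
LAN_RULES = [  # top-down order as posted
    {"source": "iServers", "gateway": "76.x.x.1"},
    {"source": "LAN Subnet", "gateway": "68.x.x.1"},
]
NAT_1TO1 = [  # (interface, external IP, internal IP)
    ("WAN", "76.x.x.3", "192.168.1.16"),
    ("WAN", "76.x.x.4", "192.168.1.80"),
    ("WAN", "76.x.x.5", "192.168.1.11"),
    ("WAN2", "68.x.x.3", "192.168.1.100"),
    ("WAN2", "68.x.x.4", "192.168.1.101"),
]

def source_matches(source, host):
    """True if host falls inside the alias, or the literal address/network."""
    ip = ipaddress.ip_address(host)
    nets = ALIASES.get(source, [source])
    return any(ip in ipaddress.ip_network(n, strict=False) for n in nets)

def egress_interface(host, rules=LAN_RULES):
    """Interface chosen by the first LAN rule matching host (None if no match)."""
    for rule in rules:
        if source_matches(rule["source"], host):
            return GATEWAY_IFACE[rule["gateway"]]
    return None

def nat_mismatches(rules=LAN_RULES):
    """1:1 entries whose host is policy-routed out a different interface."""
    bad = []
    for nat_if, _external, internal in NAT_1TO1:
        routed = egress_interface(internal, rules)
        if routed != nat_if:
            bad.append((internal, nat_if, routed))
    return bad

if __name__ == "__main__":
    print("as posted:", nat_mismatches())
    print("rules swapped:", nat_mismatches(LAN_RULES[::-1]))
```

With the rules in the posted order the check reports no mismatches; swapping the two LAN rules makes the three servers fall through to WAN2, where their WAN 1:1 entries no longer apply.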