MULTI-WAN OPT No Internet Access

mandusm

Hi Guys.

I hope this hasn't been asked before but I have been searching for quite a couple of days, and I followed the 1.2 Multi-WAN setup howto on the pfsense website down to the letter, and I have googled and searched the forum to find an answer and to no-avail.

I have pfsense 1.2 installed on a physical machine with 3 NIC's.

Network Interface assignments:
LAN -> msk0  IP 10.0.0.2
WAN -> rl0    IP 10.0.0.49 | Gateway 10.0.0.3
OPT1 -> rl1    IP 10.0.1.4 | Gateway 10.0.1.3

I then have 2 ADSL Modem/Routers that creates a PPPOE connection to my ISP. Both of them are 4MB/s connections, and I set the routers to having static IP's

Router 1: 10.0.0.3 [Used by WAN]
Router 2: 10.0.1.3 [Used by OPT1]

I set up the load balancing fine and everything works perfectly except for one small thing. OPT1 does not seem to have any internet access. When I go into the diagnostics panel, and ping the router from the OPT1 interface on 10.0.0.1.3 I get the perfect ping reply. But when I try to ping google.com from the OPT1 interface, it resolves the DNS but I receive no reply.

I have added and deleted NAT records, firewall rules and everything, but nothing seems to give OPT1 internet access. Although, when I log into the 10.0.1.3 router, it does show that it's connected to the internet and working fine.

This is quite an urgent matter, and I wold appreciate any help…

Perry

Recheck that the CIDR you set for wan2 is correct.

mandusm

Uhm, PFense noob here..

CIDR?

Perry

http://lmgtfy.com/?q=CIDR :) = subnet mask and 24 are most likely the value you want. 10.0.1.4 / 24

mandusm

Ahh yes.

All of the IP's are on the /24 subnet mask. 10.0.0.0/254 and 10.0.1.0/254

And I can ping the router, just not a website.

Perry

There is a note on the ping page stating that  Multi-wan is not supported from this utility currently.
If you want to ping / traceroute something from pfSense itself and out on opt1 you will have to create a static route. You use load balancing so try setting opt1 monitor ip to 208.67.220.220 and a static route will be created for that ip and that ip will then be ping able.

mandusm

Thanks. I'll try that. Allthough I am not very optimistic, because even when I make the monitor ip for wan2 googles ip or some internet ip, the load balancer still says offline.

When i make the monitor io the routers ip and the loas balancing shows everything as active, then I lose all connectivity…

mandusm

I tried that, didnt work…

mandusm

Okay, this is really weird…

I can ping something, eg google.com 74.x.xxxx whatever.

I receive a reply, but as soon as I add that to the monitor ip, it is no longer pingable???

Perry

I would recommend that you use traceroute instead of ping, so you know your using the right gateway.

FYI There is a pfSense book for sale that could guide you.

mandusm

really, where can I find it?

Thanks

Perry

http://blog.pfsense.org/?p=509