HTTPS TIMING OUT
-
https doesnt like loadbalancing
enable sticky connections(System: Advanced: Miscellaneous: Load Balancing) -
https doesnt like loadbalancing
enable sticky connections(System: Advanced: Miscellaneous: Load Balancing)…or create a firewall rule with a specific gateway for connections using port 443 (https)
-
I have tried that.
Im new to PFSENSE, i have been using watchguard for about 9 years and i believe im having trouble getting my head around how to dreat rules..I have a multi wan setup how would i create a rule that certain services go out certin gateway
Im using two DSL modems with the PPPoE on the modems and a T1 with static ip addresses. I fugured out the HTTPS part by using stickey connections but i want to spec other services from only using the T1
let say i want all pptp trafic to go our the T1 where would i configurew the rule in WAN or LAN
Its been a bit of a headache but at least i have the load balancing working now a little bit better
-
Policybased routing in watchguard terms?
If you know exact trafic port and type you can create alias, example: gw1web, what includes 80,443,8080,8081
then create rule with destination ports this alias and select advanced settings. choose gw1 from there. put this rule above default rules -
Routing services through a specific gateway must be done by firewall rules.
Create a rule for the service you like and then specify the gateway or gateway group you want to use for this.Don't know how the firewall rules take action on watchguard but pfsense is applying rules from top to down. The first rul which matches will be applied.
Hope this helps if not please post screenshots of your firewall rules and tell us what you would like to realize.
-
Same order is also in watchguard, but there is kinda floating rules, where you determine only the interfaces and/or networks where it works
-
Thanks for all the feedbacl, sticky worked perfect
now im going on to allowing specific websites for users
Please also c my static rout request
-
enable sticky connections(System: Advanced: Miscellaneous: Load Balancing)
What's the current status of the "sticky connections" feature?
There still seem to be reports of issues when enabling it, both in this forum and in http://redmine.pfsense.org/issues/337
And then there is the http://www.freebsd.org/cgi/query-pr.cgi?pr=148290
-
I'm only having single wan and have no problems with this sticky.
you can also use a rule, https is using only other wangw, if sticky is unusable -
Or, if, you have problems with "sticky connections", can create a Failover GW group and use "policy routing" to direct all "problematic" traffic to that group, i think this approach is better than have all "problematic" traffic routed to one GW.
