Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How do I specify LAN IP to specific WAN and other port traffic to specific WAN?

    Scheduled Pinned Locked Moved Routing and Multi WAN
    7 Posts 5 Posters 3.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      sugarcrum
      last edited by

      Apologizes up front; I'm new to pfSense trying to learn the capabilities and how to explore them. I have read a lot in the forums, lots of information but it may be a case of information overload in my case (or not looking in the right spot). I have not been able to find exactly what I'm looking for; my head is about to explode with all the information!

      I have two separate ISP connections. My plan is to setup dual WAN load balanced. I've found lots of good setup instructions for doing this; so, currently no questions on this.

      My questions are around how to properly setup a few things. I will provide a very simple and clear scenario (I hope) using familiar ports (80, 21) to illustrate what I'm trying to attempt.

      Single LAN; will setup IP to each computer on the LAN by MAC (hopefully pfSense can do this).

      WAN 1 and WAN 2

      LAN
      CPU A: 192.168.1.200
      CPU B: 192.168.1.201
      CPU C: 192.168.1.202
      CPU D: 192.168.1.203

      Setup Questions:

      • I would like to have all traffic from CPU A go to WAN 1 only.

      • I would like to have all traffic from CPU B go to WAN 2 only.

      • CPU C and D should be balanced between WAN 1 and WAN 2.

      I will have a few more CPU setup to go to WAN 1 or WAN 2 specifically as well as a few more CPU balanced.

      however

      • I would like all traffic on port 80 to go through WAN 1 (with exception of CPU B; as noted above CPU B should go to WAN 2 always)

      • I would like all traffic on port 21 to go through WAN 2 (with exception of CPU A; as noted above CPU A should go to WAN 1 always)

      Is this setup possible? If so, could someone show me a few screen-caps or instructions on how this could be setup?

      Thanks in advance for any help possible; very much appreciated.

      1 Reply Last reply Reply Quote 0
      • N Offline
        Nachtfalke
        last edited by

        You can do this:

        LoadBalancing:
        You setup a group with WAN1 and WAN2 both Tier 1. This is LoadBalancing.

        Static IP for LAN Clients:
        Add the MAC address of the client to the DHCP server static mapping. So the client will always get the same IP. Do this for your "CPUs"

        The rest will be done with simple firewall rules. Firewall rules will be processed from TOP to BOTTOM. First rule that matches will be used.
        This order will probably do what you like:

        First:
        source-ip/port: IP of CPU A
        destination-ip/port: any
        Gateway: WAN1

        Second:
        source-ip/port: IP of CPU B
        destination-ip/port: any
        Gateway: WAN2

        Third:
        source-ip/port: any
        destination-ip: any
        destination-port: 80
        Gateway: WAN1

        Fourth:
        source-ip/port: any
        destination-ip: any
        destination-port: 21
        Gateway: WAN2

        Fifth:
        source-ip/port and destination-ip/port: any
        Gateway: Your LoadBalance Group

        That's all!

        1 Reply Last reply Reply Quote 0
        • S Offline
          sugarcrum
          last edited by

          Looks straight forward and simple. Thanks! I will be setting up this week; will give this a shot. Much appreciated for quick response.

          1 Reply Last reply Reply Quote 0
          • Y Offline
            yon
            last edited by

            @Nachtfalke:

            You can do this:

            LoadBalancing:
            You setup a group with WAN1 and WAN2 both Tier 1. This is LoadBalancing.

            Static IP for LAN Clients:
            Add the MAC address of the client to the DHCP server static mapping. So the client will always get the same IP. Do this for your "CPUs"

            The rest will be done with simple firewall rules. Firewall rules will be processed from TOP to BOTTOM. First rule that matches will be used.
            This order will probably do what you like:

            First:
            source-ip/port: IP of CPU A
            destination-ip/port: any
            Gateway: WAN1

            Second:
            source-ip/port: IP of CPU B
            destination-ip/port: any
            Gateway: WAN2

            Third:
            source-ip/port: any
            destination-ip: any
            destination-port: 80
            Gateway: WAN1

            Fourth:
            source-ip/port: any
            destination-ip: any
            destination-port: 21
            Gateway: WAN2

            Fifth:
            source-ip/port and destination-ip/port: any
            Gateway: Your LoadBalance Group

            That's all!

            where are setup this rules?

            which in Floating wan lan wan2 ?

            If you are interested in free peering for clearnet and dn42,contact me !

            1 Reply Last reply Reply Quote 0
            • pttP Offline
              ptt Rebel Alliance
              last edited by

              That Rules go on LAN Tab, for more info, check the Docs  ;)

              http://doc.pfsense.org/index.php/Main_Page

              1 Reply Last reply Reply Quote 0
              • Y Offline
                yon
                last edited by

                @ptt:

                That Rules go on LAN Tab, for more info, check the Docs  ;)

                http://doc.pfsense.org/index.php/Main_Page

                thanks..  ;)

                If you are interested in free peering for clearnet and dn42,contact me !

                1 Reply Last reply Reply Quote 0
                • T Offline
                  ttboy23
                  last edited by

                  is this setup is possible for redirecting my yahoo messenger to my WAN.. coz i noticed its taking much bandwidth in my OPT1…coz my wan is for browsing and my opt1 is for my online games...everytime they using YM it becomes too lag ...

                  thanks in advance

                  YM voice chat port = TCP 5000-5001 UDP 5000 - 5010
                  YM message port = TCP 5050
                  YM webcam port = TCP 5100

                  FIREWALL=RULES=LAN

                  interface =
                  protocol =
                  source =
                  destination =
                  gateway =

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.