Gateway group failing to pass http/https traffic
-
Hi All,
I am currently running 2.0.2-RELEASE (i386)/FreeBSD 8.1-RELEASE-p13 and am having an issue at the moment using multiple WAN connections in a gateway group. We have three ADSL connections running on the site, connected to WAN, OPT1 and OPT2, addressed as follows:
WAN -> 192.186.22.250 Gateway (WANGW) 192.168.22.1
OPT1 -> 192.168.21.250 Gateway (OPT1GW) 192.168.21.1
OPT2 -> 192.168.20.250 Gateway (OPT2GW) 192.168.20.1
LAN Subnet 192.168.24.0
LAN interface 192.168.24.1
Our gateway group is called mulitwan and has all three WAN connections in it as tier1 connections (round robin).
Currently, if we configure the LAN firewall rule to use the mulitwan gateway group as its gateway, none of the machines on the LAN can browse websites (secure and non-secure). However, if I set the gateway to be our WANGW then there is no issue.
If I revert the gateway back to our gateway group and use something like BitTorrent then I can see traffic going out all interfaces. I can also see SIP and DNS traffic successfully going out using the gateway group. However, as soon as we revert to the gateway group we lose the ability to browse the internet on machines behind the firewall.
I have tried adding floating rules and amending DHCP to pass Google DNS servers to clients, just in case it was a DNS thing, all to no avail. All gateways are showing as up as per Status > Gateways, and I can ping a host on the internet from each WAN interface using Diagnostics > Ping.
We had been following http://doc.pfsense.org/index.php/Multi-WAN_2.0 as our initial guide on configuration. I was hoping someone might have a pointer as to where I could go next.
Thanks,
John
-
Just looking at this, and it seems that despite having a gateway group, netstat -r is showing me that my default gateway is still the WAN connection:
Routing tables

Internet:
Destination         Gateway             Flags  Refs  Use      Netif   Expire
default             192.168.22.1        UGS    0     374223   re0
a.resolvers.level3  192.168.20.1        UGHS   0     64291    re2
google-public-dns-  192.168.22.1        UGHS   0     69587    re0
google-public-dns-  192.168.21.1        UGHS   0     69611    re1
localhost           link#11             UH     0     102      lo0
192.168.17.0        192.168.17.2        UGS    0     293674   ovpns1
192.168.17.1        link#12             UHS    0     0        lo0
192.168.17.2        link#12             UH     0     0        ovpns1
192.168.20.0        link#3              U      0     1980     re2
192.168.20.250      link#3              UHS    0     0        lo0
192.168.21.0        link#2              U      0     267      re1
192.168.21.250      link#2              UHS    0     0        lo0
192.168.22.0        link#1              U      0     1185     re0
192.168.22.250      link#1              UHS    0     0        lo0
192.168.24.0        link#5              U      0     2617792  xl0
server1             link#5              UHS    0     0        lo0
resolver2.opendns.  192.168.20.1        UGHS   0     290      re2
obmr.btconnect.com  192.168.22.1        UGHS   0     4879     re0