Netgate Discussion Forum

    MULTIWAN + route all request for one site to one gateway

    • Summer

      I've managed to get a multiwan with load balanced traffic to LAN through squid3, everything seems fine but I cannot access a site, after inserting the correct login credentials.

      The website is "techdata.it":

      Looking at it with Wireshark on a client, it calls a number of other domains.

      In the states there is a huge number of rows, and the firewall logs keep saying that it has blocked connections

      block  Jan 12 16:36:20  LAN  Default deny rule IPv4 (@3)  myclientip:2457  80.152.49.70:80  TCP:A
      block  Jan 12 16:36:19  LAN  Default deny rule IPv4 (@3)  myclientip:2470  80.152.49.91:80  TCP:FA
      block  Jan 12 16:36:19  LAN  Default deny rule IPv4 (@3)  myclientip:2471  80.152.49.91:80  TCP:FA
      block  Jan 12 16:36:16  LAN  Default deny rule IPv4 (@3)  myclientip:2471  80.152.49.91:80  TCP:A
      block  Jan 12 16:36:16  LAN  Default deny rule IPv4 (@3)  myclientip:2470  80.152.49.91:80  TCP:A
      block  Jan 12 16:36:14  LAN  Default deny rule IPv4 (@3)  myclientip:2479  80.152.49.70:443  TCP:PA
      block  Jan 12 16:36:09  LAN  Default deny rule IPv4 (@3)  myclientip:2479  80.152.49.70:443  TCP:PA
      block  Jan 12 16:36:07  LAN  Default deny rule IPv4 (@3)  myclientip:2479  80.152.49.70:443  TCP:PA
      block  Jan 12 16:36:06  LAN  Default deny rule IPv4 (@3)  myclientip:2479  80.152.49.70:443  TCP:PA
      block  Jan 12 16:36:06  LAN  Default deny rule IPv4 (@3)  myclientip:2479  80.152.49.70:443  TCP:A
      block  Jan 12 16:36:06  LAN  Default deny rule IPv4 (@3)  myclientip:2479  80.152.49.70:443  TCP:A
      block  Jan 12 16:36:06  LAN  Default deny rule IPv4 (@3)  myclientip:2479  80.152.49.70:443  TCP:PA
      block  Jan 12 16:36:00  LAN  Default deny rule IPv4 (@3)  myclientip:2460  80.152.49.91:80  TCP:PA
      pass   Jan 12 16:35:43  LAN  USER_RULE TEC (@287)  myclientip:1029  10.7.208.255:1947  UDP
      block  Jan 12 16:35:42  LAN  Default deny rule IPv4 (@3)  myclientip:2460  80.152.49.91:80  TCP:PA
      pass   Jan 12 16:35:39  LAN  USER_RULE TEC (@287)  myclientip:1029  255.255.255.255:1947  UDP
      block  Jan 12 16:35:36  LAN  Default deny rule IPv4 (@3)  myclientip:2466  173.194.78.113:80  TCP:A
      block  Jan 12 16:35:36  LAN  Default deny rule IPv4 (@3)  myclientip:2467  173.194.78.113:80  TCP:A
      block  Jan 12 16:35:35  LAN  Default deny rule IPv4 (@3)  myclientip:2457  80.152.49.70:80  TCP:A
      block  Jan 12 16:35:33  LAN  Default deny rule IPv4 (@3)  myclientip:2460  80.152.49.91:80  TCP:PA
      block  Jan 12 16:35:31  LAN  Default deny rule IPv4 (@3)  myclientip:2471  80.152.49.91:80  TCP:FA
      block  Jan 12 16:35:31  LAN  Default deny rule IPv4 (@3)  myclientip:2470  80.152.49.91:80  TCP:FA
      block  Jan 12 16:35:29  LAN  Default deny rule IPv4 (@3)  myclientip:2460  80.152.49.91:80  TCP:PA
      block  Jan 12 16:35:27  LAN  Default deny rule IPv4 (@3)  myclientip:2460  80.152.49.91:80  TCP:PA
      block  Jan 12 16:35:26  LAN  Default deny rule IPv4 (@3)  myclientip:2479  80.152.49.70:443  TCP:A
      block  Jan 12 16:35:26  LAN  Default deny rule IPv4 (@3)  myclientip:2460  80.152.49.91:80  TCP:PA

      to their 443 port managed by Default deny on LAN.

      I've disabled squid and got the same problem.

      I've tried to connect to it directly from the router, without pfSense, and it works, but a lot of these appear in Wireshark:
      1648 39.536819000 myip 80.152.49.70 TCP 66 58435→80 [ACK] Seq=14530 Ack=169658 Win=8388480 Len=0 TSval=2976636 TSecr=3735210023

      Is there a way to route the traffic that should go to this site through only one gateway?

    • Summer

        Up! Any help is appreciated.

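An added example, not part of the original posts: every blocked entry in the log above carries TCP flags such as A, PA or FA rather than S, meaning the segment matched no existing state entry (pfSense pass rules create state only on the initial SYN). The Python sketch below parses entries reduced to one line each (an assumed cleaned-up format with the web GUI icon text removed) and groups the out-of-state blocks by destination; the function names and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: a few entries from the post, one per line, GUI icon text stripped.
SAMPLE_LOG = """\
block Jan 12 16:36:20 LAN Default deny rule IPv4 (@3) myclientip:2457 80.152.49.70:80 TCP:A
block Jan 12 16:36:19 LAN Default deny rule IPv4 (@3) myclientip:2470 80.152.49.91:80 TCP:FA
block Jan 12 16:36:14 LAN Default deny rule IPv4 (@3) myclientip:2479 80.152.49.70:443 TCP:PA
pass Jan 12 16:35:43 LAN USER_RULE TEC (@287) myclientip:1029 10.7.208.255:1947 UDP
block Jan 12 16:35:36 LAN Default deny rule IPv4 (@3) myclientip:2466 173.194.78.113:80 TCP:A
"""

# action, timestamp, interface, rule label ending in "(@N)", src:port, dst:port, proto[:flags]
ENTRY = re.compile(
    r"^(?P<action>block|pass)\s+(?P<time>\w{3}\s+\d+\s+[\d:]+)\s+(?P<iface>\S+)\s+"
    r"(?P<rule>.+?\(@\d+\))\s+(?P<src>\S+):(?P<sport>\d+)\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<proto>[A-Z]+)(?::(?P<flags>[A-Z]+))?$"
)

def parse(log_text):
    """Return one dict per log line that matches the cleaned entry format."""
    return [m.groupdict() for m in map(ENTRY.match, log_text.splitlines()) if m]

def is_out_of_state(entry):
    """Blocked TCP segment that is not a bare SYN, so it cannot open a new state."""
    flags = entry["flags"] or ""
    return entry["action"] == "block" and entry["proto"] == "TCP" and flags != "S"

def summarize(entries):
    """Map (dst, dport) -> sorted TCP flag combinations seen on out-of-state blocks."""
    seen = defaultdict(set)
    for e in entries:
        if is_out_of_state(e):
            seen[(e["dst"], int(e["dport"]))].add(e["flags"])
    return {k: sorted(v) for k, v in seen.items()}

if __name__ == "__main__":
    for (dst, port), flags in sorted(summarize(parse(SAMPLE_LOG)).items()):
        print(f"{dst}:{port}  out-of-state flags: {', '.join(flags)}")
```

The destinations it reports are the ones whose connections are losing state mid-session, which makes them the candidates for a host alias matched by a LAN rule pinned to a single gateway.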