Netgate Discussion Forum

    2.2.2 - MultiWAN Failover - SMTP Notifications & Firewall Restrictions

    Routing and Multi WAN
    • morphix

      Hi Guys,

      I've previously set up a couple of clients with pfSense for Single WAN - Single/Multi LAN and those have all worked great.

      I am testing MultiWAN failover, both for myself and for a client.

      In these circumstances, it is a DSL connection as the WAN, 3G/4G Wireless as the failover.

      I have configured the gateway group, and the failover seems to work as expected.

      I am having the following 2 issues:

      1. During the failover process, the automatic SMTP Notification is not working when it's using 3G/4G, despite the internet connection working.

      If I manually hit test on the notification page, it sends out (if using DSL or 3G).

      When looking through logs, I am getting an error about not being able to contact the SMTP server during this process.

      The issue is not related to the remote SMTP server, but either routing or firewalling on the pfSense machine.

      2. Currently with the failover, all traffic is allowed out, as per the default rules. Due to the cost of 3G/4G services, I need/want to have heavily restricted rules ONLY when on the 3G/4G service. Can this be done?

      These 2 above are the biggest things for both myself and the client who wants this.

      Any help or suggestions would be appreciated.

      • morphix

        Instead of trying to get the SMTP messages working (which failed multiple times), I've instead opted to monitor this connection using an external machine running Zabbix; this works fine for this purpose.

        I have also found out that, by fine-tuning the Outbound NAT rules on the 3G/4G interface, I can limit what protocol/ports are allowed to go out that connection, but this is not ideal.

        Still waiting for others to reply if possible.

        • collectivetrader

          I'm having exactly the same issue here on 2.2.2 (and incidentally also on 2.2.3) about the SMTP notifications not working on the failover connection.

          I would like to have it solved if possible as I don't have other means of monitoring the connections on the WAN side of this firewall.
          I was thinking the "DNS Considerations" on the docs page (https://doc.pfsense.org/index.php/Multi-WAN) had something to do with it but I doubt this is the case. I've set a specific WAN connection for each manual DNS server listed (which are all addressable from any of the WANs) but still no luck.

          When I bring down WAN1 manually from the interface, the failover works and does send me an email over WAN2. When I, however, simulate failover by pulling the network cable of WAN1, the system log mentions it cannot reach the SMTP server (through WAN2).

          I have no specific firewall rules set up on SMTP at all so that can't be it either.

          Any suggestions, anyone?

          Thanks in advance,
          Walter

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.