MULTIWAN + route all request for one site to one gateway
-
I've managed to get a multiwan with load balanced traffic to LAN trought squid3, everything seems fine but I cannot access a site, after insert of correct login credentials.
The website is "techdata.it":
looking at it with wireshark on a client it calls a number of other domains.
In the states there is a huge number of row, and firewall logs keep saying that it has blocked connection
block Jan 12 16:36:20 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2457 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:80 TCP:A block Jan 12 16:36:19 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2470 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:FA block Jan 12 16:36:19 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2471 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:FA block Jan 12 16:36:16 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2471 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:A block Jan 12 16:36:16 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2470 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:A block Jan 12 16:36:14 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2479 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:443 TCP:PA block Jan 12 16:36:09 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2479 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:443 TCP:PA block Jan 12 16:36:07 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2479 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:443 TCP:PA block Jan 12 16:36:06 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2479 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:443 TCP:PA block Jan 12 16:36:06 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2479 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:443 TCP:A block Jan 12 16:36:06 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2479 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:443 TCP:A block Jan 12 16:36:06 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2479 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:443 TCP:PA block Jan 12 16:36:00 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2460 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:PA pass Jan 12 16:35:43 LAN USER_RULE TEC (@287) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:1029 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 10.7.208.255:1947 UDP block Jan 12 16:35:42 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2460 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:PA pass Jan 12 16:35:39 LAN USER_RULE TEC (@287) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:1029 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 255.255.255.255:1947 UDP block Jan 12 16:35:36 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2466 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 173.194.78.113:80 TCP:A block Jan 12 16:35:36 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2467 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 173.194.78.113:80 TCP:A block Jan 12 16:35:35 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2457 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:80 TCP:A block Jan 12 16:35:33 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2460 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:PA block Jan 12 16:35:31 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2471 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:FA block Jan 12 16:35:31 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2470 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:FA block Jan 12 16:35:29 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2460 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:PA block Jan 12 16:35:27 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2460 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:PA block Jan 12 16:35:26 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2479 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.70:443 TCP:A block Jan 12 16:35:26 LAN Default deny rule IPv4 (@3) Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List myclientip:2460 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 80.152.49.91:80 TCP:PA
to their 443 port managed by Default deny on LAN.
I've disabled squid and got the same problem.
I've tried to connect to it directly from router, without the pfsense, and it works but a lot of those appear on wireshark:
1648 39.536819000 myip 80.152.49.70 TCP 66 58435→80 [ACK] Seq=14530 Ack=169658 Win=8388480 Len=0 TSval=2976636 TSecr=3735210023Is there a way to route the traffic that should go to this site trought only one gateway?
-
up! every help is appreciated