Netgate Discussion Forum

    LAN1 -> WAN1 & LAN2 -> WAN2

    • velzyboard

      Our current pfSense box is set up with 1 WAN and 2 LANs (public and private networks).  The private network 10.255.0.0/23 is isolated from the public network 10.2.0.0/24 but both flow through the single WAN.

      On Thursday, we are getting an additional WAN connection.  I will add an interface to receive the new WAN. I don't want to do failover or load balancing.  I simply want to have the PUBLIC interface traffic go over the NEW WAN and leave the old PRIVATE interface traffic going over the existing WAN connection.

      Can somebody please direct me to a doc on how to configure this or elaborate here?

      Thanks!
      Rob

      • tim.mcmanus

        I did this by going to firewall rules and selecting a specific gateway for each LAN connection.  It's under the Advanced section of the base firewall rule.

        ![Screen Shot 2015-02-10 at 11.00.37 PM.png](/public/imported_attachments/1/Screen Shot 2015-02-10 at 11.00.37 PM.png)

        • Derelict (LAYER 8, Netgate)

          Yup. It's that easy.  Note the negate route above the one with the gateway.  That's important.

          If it were me, I'd create two gateway groups.  One made up of WAN1+WAN2 with WAN1 preferred and one made up of WAN1+WAN2 with WAN2 preferred.

          Then I'd set a rule like the above but with the group instead.  That way if one of the WANs goes down both LANs still have internet.  Unless your situation absolutely requires LAN2 egress WAN2 and never anything else.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)
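
One way to check the rule ordering pointed out above, as an added example that is not part of the original thread: a short Python script that reads the `<filter>` section of a pfSense `config.xml` backup and reports, for each rule with a gateway set, whether a pass rule without a gateway and with a specific destination sits above it on the same interface. The sample XML, the `LOCAL_NETS` alias, and the interface and gateway names are constructed, and treating "no gateway, specific destination" as the bypass rule is an assumption about what the screenshot shows; floating rules are not considered.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout of a pfSense config.xml <filter> section.
# Interface names, the LOCAL_NETS alias and gateway names are hypothetical.
SAMPLE = """
<pfsense>
  <filter>
    <rule><type>pass</type><interface>lan</interface>
      <source><network>lan</network></source>
      <destination><address>LOCAL_NETS</address></destination></rule>
    <rule><type>pass</type><interface>lan</interface>
      <source><network>lan</network></source>
      <destination><any/></destination><gateway>WAN1_GW</gateway></rule>
    <rule><type>pass</type><interface>opt1</interface>
      <source><network>opt1</network></source>
      <destination><any/></destination><gateway>WAN2_GW</gateway></rule>
  </filter>
</pfsense>
"""

def is_local_bypass(rule):
    """Pass rule with no gateway and a specific (non-any, non-negated) destination."""
    dst = rule.find("destination")
    return (rule.findtext("type") == "pass"
            and not rule.findtext("gateway")
            and dst is not None
            and dst.find("any") is None
            and dst.find("not") is None)

def audit_policy_routes(config_xml):
    """Return (interface, gateway, has_bypass_above) for each policy-routed rule."""
    root = ET.fromstring(config_xml)
    bypass_seen = set()   # interfaces that already have a bypass rule higher up
    findings = []
    for rule in root.iterfind("./filter/rule"):   # rules are stored top-down
        if rule.find("disabled") is not None:     # skip disabled rules
            continue
        iface = rule.findtext("interface")
        gw = rule.findtext("gateway")
        if gw:
            findings.append((iface, gw, iface in bypass_seen))
        elif is_local_bypass(rule):
            bypass_seen.add(iface)
    return findings

if __name__ == "__main__":
    for iface, gw, ok in audit_policy_routes(SAMPLE):
        print(f"{iface}: gateway {gw}: {'ok' if ok else 'no local bypass rule above'}")
```

In the constructed sample, `lan` has the bypass rule above its gateway rule and `opt1` does not, so `opt1` traffic to other local subnets would be sent out the WAN2 gateway instead of following the routing table.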
