Netgate Discussion Forum

    Static route to WAN2 is not working

    Routing and Multi WAN
    • Derelict LAYER 8 Netgate

      What you show there has nothing to do with policy routing.

      And you almost NEVER want to set source ports. They are almost always random.

      Did you set the gateway to the WAN2 gateway on that rule?

      Please: https://docs.netgate.com/pfsense/en/latest/book/multiwan/policy-routing-configuration.html#configuring-firewall-rules-for-policy-routing

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      • limez17

        Hi @Derelict,

        I'm quite confused about "Policy routing", can you enlighten me?

        I already set the source port to "any", but still the same result.

        Yes, I've set WAN2 as the gateway:
        [image]

        Traceroute is showing the 1st hop is my WAN2:
        [image]

        But then again, my local server isn't routing it to my WAN2. It's still routing to my WAN1.

        • Derelict LAYER 8 Netgate

          Your rule shows no matching traffic. Are you certain that is what you are supposed to be matching?

          Policy routing is all described in the link I posted multiple times.

          • limez17

            Hi @Derelict,

            Yes, I'm certain. By the way, I already changed the source to my local server IP "192.168.1.250":
            [image]

            But still it won't work. Traffic is still routing via WAN1.

            About policy routing: you mean adding rules on my LAN interface, right? If so, I already followed and tested. It also won't work.

            • Derelict LAYER 8 Netgate @limez17

              @limez17 That has no choice but to route to WAN2 if the source, destination and port match.

              This stuff just works. If that is not working then you have to figure out what is not matching, what the problem with how you are testing is, etc.

              You also might have to clear states after making changes to the rule configuration. It only policy routes NEW connections.

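The point in the post above about states, as an added example that is not part of the original thread: a connection opened before the rule change keeps the gateway it was created with, so the check is whether the server still has states on the WAN1 interface. The interface names (igb0 = WAN1, igb1 = LAN, igb2 = WAN2), every address other than 192.168.1.250, and the sample state lines are constructed assumptions.

```shell
#!/bin/sh
# Added example: find states for one LAN host that still leave through the old WAN.
# Interface names and the state lines below are constructed, not real output.

sample_states() {
cat <<'EOF'
igb1 tcp 192.168.1.250:51512 -> 198.51.100.20:443       ESTABLISHED:ESTABLISHED
igb0 tcp 203.0.113.5:61044 (192.168.1.250:51512) -> 198.51.100.20:443       ESTABLISHED:ESTABLISHED
igb1 tcp 192.168.1.250:51600 -> 198.51.100.20:443       ESTABLISHED:ESTABLISHED
igb2 tcp 192.0.2.9:40211 (192.168.1.250:51600) -> 198.51.100.20:443       ESTABLISHED:ESTABLISHED
igb0 udp 203.0.113.5:20111 (192.168.1.77:5353) -> 198.51.100.53:53       MULTIPLE:SINGLE
EOF
}

# states_via HOST IFACE: read `pfctl -ss`-style lines on stdin and print the
# states on IFACE whose source is HOST, either directly or as the pre-NAT
# address shown in parentheses.
states_via() {
    awk -v host="$1" -v ifc="$2" '
        $1 == ifc && (index($3, host ":") == 1 || index($4, "(" host ":") == 1) { print }
    '
}

# On the firewall itself (not run here):
#   pfctl -ss | states_via 192.168.1.250 igb0   # states still pinned to WAN1
#   pfctl -k 192.168.1.250                      # kill states originating from that host

# Demo on the constructed sample: prints the one state still using WAN1.
sample_states | states_via 192.168.1.250 igb0
```

Killing only that host's states leaves other connections alone, so an admin session from a different machine is not reset along with them.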
              • limez17

                @Derelict said in Static route to WAN2 is not working:

                You also might have to clear states after making changes to the rule configuration. It only policy routes NEW connections.

                @Derelict Noted on that. I've been trying to figure this out from day to day. I hope to find the resolution soon. Thank you for replying to my topic. I appreciate it.
                Will try to clear states as well. How long should resetting states take?

                • Derelict LAYER 8 Netgate

                  Instantly.

                  • limez17

                    @Derelict mine is just stuck in loading

                    • Derelict LAYER 8 Netgate

                      What is?

                      • limez17

                        @Derelict when I'm trying to reset states

                        • Derelict LAYER 8 Netgate

                          Resetting states will reset the state you are accessing the firewall using. You might need to reload the browser page.

                          • limez17

                            @Derelict noted on that. Does a reboot also reset state?

                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.