routing LAN To Virtual IP
-
@adb You also need nat on new outbound interface, and some rules to send traffic there.
-
@netblues Thanks for your response.
Yesterday I was trying to configure "Outbound NAT Entry" but I don't know if I have the correct settings.
If this configuration is correct, all that remains is to configure new routing rules, right? -
@adb You also need to enable the rule...
You need routing policy for packets to reach the interface so they can be natted
Its either rules on your lan interface
Or static routes (including default gateway change, as a test..) -
@netblues Thanks, the rule is not active because I had to disable it to have internet but I will activate it to continue testing.
How do I define the route on the LAN interface so that it is natted?
I apologize if the question is basic, but I don't really know the answer. I still have a lot to learn about network configuration and specifically how pfsense works -
@netblues These are the rules I have right now in LAN
-
To give more context to the settings I have, I leave here some screenshots
-
@adb Since you created a gateway group, you need a rule on your lan to direct traffic to that group and not *, which is the default.
-
@netblues Is that not handled by the "default gateway IPv4" setting? I just double checked a client router with 2 WANs, since I didn't set it up, and all LAN rules use a gateway of * including the default LAN->any.
-
@teamits It will work, since you are redirecting default gw to a group.
However it is not easy to debug, especially in load balancing scenarios where weights are involved.
For failover, its much easier.
With policy routing you have better control of the situation -
Finally I managed to configure everything and? much simpler than I was thinking.
I will try to describe all (in fact there are only a few) the configurations I made.As I currently have two connections to the internet, I have defined a gateway group wit the name "IPV4_GW_GROUP"
this gateway group has two internet connections:- WAN_MEO_GW
- WAN_PT_GW
For this problem, the connection that matters is "WAN_PT_GW" which connects to the interface in "WAN_PT" that we will call WAN2
The "WAN_PT" interface is configured with "Static IPv4" and the IP is 100.64.67.74
Then it was only necessary to configure nat to translate all traffic to my public IP (virtual IP)
-
@adb Glad it worked for you :)
