Preventing multi-wan failover for a specific host
-
I have a bit of a head scratcher. pfSense 2.5.2 with two WAN links in a gateway group set up for failover - WAN_A is tier 1, WAN_B is tier 2. Let's call the gateway group itself WAN.
In my firewall group for the interface my hosts are on, the last rule I have is a Pass rule for anything on that interface with the WAN set as the gateway under advanced settings, so the hosts will fail over as needed on the uplinks.
I have one host that I want pinned to WAN_B. Above the previous rule I have a specific Pass rule that is defined for that IP with a gateway of WAN_B. If both WAN interfaces are up, that works fine - that host goes out via WAN_B.
However if I disable WAN_B (on the switch, not in pfSense) so the WAN_B gateway is offline, that host switches over to using WAN_A anyway.
I've tried a lot of combinations of putting block rules in for that host and WAN_A with no effect. I've tried similar things in the NAT tab but with a rule to block further processing, which resulted in the specific host not being able to access the WAN under any circumstances.
I'm sure I am missing something obvious; any hints would be greatly appreciated.
-
@gprguy
Go to System > Advanced > Miscellaneous and check Skip rules when gateway is down.
-
@viragomann
Thank you! That plus a blocking rule to prevent the host from going out the gateway I don't want does the trick.
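
A simplified model of the behaviour described in this thread, added as an example and not posted by either participant: by default pfSense keeps a rule whose gateway is down but drops the gateway, so traffic follows the default route; with "Skip rules when gateway is down" the rule is omitted, and a block rule is still needed before the failover rule. The host address, the block rule's position between the two Pass rules, and WAN_A being the system default gateway are assumptions.

```python
# Simplified model of pfSense rule generation and first-match evaluation.
# Host address, rule order and DEFAULT_ROUTE are constructed assumptions.
from dataclasses import dataclass
from typing import Optional

PINNED_HOST = "192.168.1.50"    # constructed address for the pinned host
DEFAULT_ROUTE = "WAN_A"         # assumed system default gateway (stays up here)

@dataclass
class Rule:
    action: str                     # "pass" or "block"
    source: str                     # host IP or "any"
    gateway: Optional[str] = None   # policy-routing gateway or gateway group

def group_member(up):
    """Failover group WAN: WAN_A is tier 1, WAN_B is tier 2."""
    return next((gw for gw in ("WAN_A", "WAN_B") if gw in up), None)

def build_ruleset(rules, up, skip_rules_when_down):
    """Mimic what happens to a rule whose specific gateway is offline."""
    built = []
    for r in rules:
        gw = r.gateway
        if gw == "WAN":
            gw = group_member(up)
        elif gw is not None and gw not in up:
            if skip_rules_when_down:
                continue            # option checked: rule is not created
            gw = None               # default: rule kept, gateway removed
        built.append(Rule(r.action, r.source, gw))
    return built

def egress(rules, up, skip, src=PINNED_HOST):
    """Return the uplink the source leaves on, or "blocked"."""
    for r in build_ruleset(rules, up, skip):
        if r.source in (src, "any"):    # first matching rule wins
            if r.action == "block":
                return "blocked"
            return r.gateway or DEFAULT_ROUTE
    return "blocked"                    # implicit default deny

PIN = Rule("pass", PINNED_HOST, "WAN_B")    # host pinned to WAN_B
BLOCK = Rule("block", PINNED_HOST)          # catches the host if PIN is skipped
FAILOVER = Rule("pass", "any", "WAN")       # everyone else uses the group
```

In this model the block rule alone changes nothing while the option is off, because the pin rule still matches first with its gateway stripped.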