4. Static routes and gateway groups

Static routes and gateway groups

  • D

    Hi,
    I setted up several gateway groups to let clients to access to other networks using the MultiWAN capabilities (a MPLS connection and an OpenVPN on WAN connection).
    Clients works good, but I'm still having problems on connections generated from the firewall itself as they relies on the static routes which I cannot set a gateway group on.

    How I can solve this problem?
    How I can use a gateway group for static routes?

    Thank you very much!
    Bye

    0
  • K

    As far as I know you can't because none of the PF tricks that are used for policy routing and gateway groups work on traffic initiated by the firewall itself.

    0
  • D

    @kpa:

    As far as I know you can't because none of the PF tricks that are used for policy routing and gateway groups work on traffic initiated by the firewall itself.

    So I cannot have failover on the firewall itself?
    This is a problem for the domain ovverides rules on the DNS forwarder, for example.
    I cannot think that I need to manually switch the static routes whenever the primary gateway goes down.
    There should be a way to manage this! What if I have tons of routes?

    0
  • LAYER 8 Netgate

    In that case I would not use the built-in DNS forwarder. I would put a DNS server on LAN and use that so it could be properly policy routed.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy