2 WAN, Policy-based routing question



  • Hello,

    I plan to do a server consolidation project and would like to know if what I'm planning is possible with pfSense. Currently, I'm using two pfSense boxes with a server behind each one.

    Desired end state:

    A single pfSense connected to two (2) Internet connections with static IPs (interfaces WAN and WAN2). I have inbound NAT and firewall rules that send traffic to two servers on the LAN behind the pfSense. The rules are set up so that Link A = WAN = server A, Link B = WAN2 = server B. This works fine.

    However, I have software on Server A and Server B that can only communicate via their global IP addresses. If I set up policy-based routing, where traffic originating from Server A's LAN address with destination Server B's global address uses WAN2 as a gateway (and vice versa), will the servers be able to communicate using each other's global IPs? Do I need to set up Advanced Outbound NAT as well?

    Thanks and best regards,



  • http://forum.pfsense.org/index.php/topic,7001.0.html

    System:

    Advanced:
    If you want to be able to use NAT mappings from within your own LAN, disable the checkbox "Disable NAT Reflection".

    You might have to create a rule with as destination: "globalIPofServer" and gateway * above the rule that forces the traffic to a specific WAN.
    But I'm not sure about that.

