Netgate Discussion Forum

    Dual WAN, Policy Based Routing, & VPN

      2CaP

      I am having an issue routing traffic from devices on my LAN (Media Streaming / FireTVs) to the specific WAN based on their Destination.

      My setup is attached below:
      https://1drv.ms/i/s!AsBz_IrhoeODhwtFKlZzlrAZYtMP

      I have a Dual WAN setup from the same ISP, both presenting WAN IPs to PFSENSE. I have each link set up in GATEWAY Groups as Tier 1 to balance traffic if one of the links becomes saturated.

      Other than that the setup is fairly simple. I use WAN1 / ISP1 for the vast majority of traffic including my VPN connection.

      I use WAN2 / ISP2 primarily for VOIP Services & connectivity for my work PC. I currently use policy based routing to route all VOIP traffic to WAN2. So I know that the policy based setup works.

      I want to route all my media streaming traffic from my Fire TV devices out WAN1 or VPN based on their destination.

      I want to route all Netflix traffic out over the WAN & all other traffic from the device out over the VPN connection.

      I began by creating an Alias for the Media Devices on my LAN & the IP destinations for the Netflix traffic.

      Example of the Netflix Alias below:

      https://1drv.ms/i/s!AsBz_IrhoeODhw4TqoM7Tt1iuF_X

      I then set up the LAN Firewall Rules to have the "Media" devices route all Non Netflix traffic out over the VPN.

      Example below:

      https://1drv.ms/i/s!AsBz_IrhoeODhwy-T0wleEudKzzB

      Unfortunately this doesn't work consistently. Is there something I am missing?

        2CaP

        To add to the original post… I have had this working on the older version of PFSENSE.

        Any suggestions on where to look for the resolution would be greatly appreciated.

          johnpoz LAYER 8 Global Moderator

          So you think netflix uses 4 /24 networks?  Why would you not just use a /22 for those 4 networks?  How big is this alias?  Why would you not just route all traffic from your netflix media devices out the wan no matter what the dest?  Since netflix and all the others are cracking down on vpn traffic..

          You're going to be fighting a losing battle trying to keep tabs on every network that netflix uses ;)  Pretty sure it's HUGE and adds addresses and removes networks on a regular basis.

          Guess you're going to have an issue trying to stream media from netflix off a pc, and vpn other traffic that is not netflix..  Vs if you were just playing netflix off your roku or HTPC, etc..

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 25.07.1 | Lab VMs 2.8, 25.07.1
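
Added example, not part of either poster's messages and not pfSense code: a small audit that collapses an alias of four /24 entries into the /22 mentioned in the reply and models the two LAN rules as first-match (alias destination goes to WAN1, everything else to VPN) to show which destinations fall through to the VPN rule. The networks and destination IPs are constructed sample values from the 198.18.0.0/15 benchmarking range, not real Netflix addresses, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data (benchmark range 198.18.0.0/15), NOT real Netflix networks.
ALIAS_NETFLIX = ["198.18.4.0/24", "198.18.5.0/24", "198.18.6.0/24", "198.18.7.0/24"]
# Constructed destinations, assumed to be what a media device contacted while streaming.
OBSERVED_DESTS = ["198.18.4.10", "198.18.7.200", "198.18.9.33", "198.19.0.5"]


def collapse_alias(entries):
    """Merge adjacent or overlapping networks into the fewest covering prefixes."""
    nets = [ipaddress.ip_network(e, strict=False) for e in entries]
    return list(ipaddress.collapse_addresses(nets))


def pick_gateway(dest, alias_nets, match_gw="WAN1", default_gw="VPN"):
    """First-match model of the two LAN rules: alias destination -> WAN1, rest -> VPN."""
    addr = ipaddress.ip_address(dest)
    return match_gw if any(addr in n for n in alias_nets) else default_gw


def audit(alias_entries, dests):
    """Return (collapsed alias, {dest: gateway}, destinations the alias does not cover)."""
    nets = collapse_alias(alias_entries)
    routing = {d: pick_gateway(d, nets) for d in dests}
    missed = [d for d, gw in routing.items() if gw == "VPN"]
    return nets, routing, missed


if __name__ == "__main__":
    nets, routing, missed = audit(ALIAS_NETFLIX, OBSERVED_DESTS)
    print("collapsed alias:", [str(n) for n in nets])
    for d, gw in routing.items():
        print(f"{d:>15} -> {gw}")
    print("destinations falling through to the VPN rule:", missed)
```

Any streaming destination listed as falling through is one the alias does not cover, which matches the inconsistent behaviour described in the first post.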

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.