Gateway policy routing

  • Hi

    I've got setup 1 LAN and 3 WANs.

    WAN 1 is my default gateway.
    WAN2 and WAN3 are in multiWan setup.

    Source based routing is working fine, but i would go one step further and set rules based on gateway.

    My pfSense machine has primary IP and 2 virtual IP's
    If client set default gateway to routing should go via WAN2, and if set gateway to via WAN3

    Is it possible to do this?
    Maybe other ideas how to redirect traffic changing setup on workstations?

    Best regards

  • Why?

  • Some workstations are configured to use multiWan connection only due to generate heavy traffic, but in some cases (firewall rules on the other end) they need to route by specific (not random) gateway.
    One WAN2 is static IP, WAN3 is dynamic IP and it is much easier to change gateway on workstations than on router due to high frequency of changes.

  • There's no way for different routing dependent on the incoming address. But it could be done by source addresses.
    So just segment your LAN in subnets and add policy routing rules to fit your needs. After, you have control over the routing by changing the clients IP. That won't be a bigger undertaking than changing the gateway.

  • I was thinking about that, but all workstations must be in the same network…

    In other hand I can add another class to each workstation… i't should work.

    Thanks for an idea!

  • I meant the segmentation only for rule handling. The whole LAN should stay a broadcast domain, of course.

    So e.g. if your LAN is
    You can route traffic from source to WAN2 to WAN3

  • This type of rules I've used to route traffic via MultiWan because this is default behavior for this subnet.

    Now I added 2 virtual IP: and
    Firewall rules are set to route via specific WAN according to source network and this i working fine.

    Thanks for an idea.

Log in to reply