  Hi all,

    I have set up the firewall with 2 WANs and 1 LAN with load balancing.

    I also added protocol binding because I want all traffic from all computers on the LAN that goes through port 1588 to go out through WAN2.

    I would also like that, when WAN2 is down, no traffic for port 1558 from LAN computers goes through WAN1. I want it blocked.

    How can I do it?


  • LAYER 8 Netgate

    Yeah, that gets tricky due to the nature of policy routing.

    Make a policy routing rule on the LAN interface at the top of the rule set that matches all traffic destined for port 1588 and set the WAN2 gateway on the rule. Also set that rule to mark the traffic with something like "WAN2_ONLY".

    Then make a floating rule on WAN1 in the out direction that rejects all traffic if it matches the WAN2_ONLY mark.

    Search the forum for NO_WAN_EGRESS for examples of the same technique.
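
    The two rules from the reply above, written out in raw pf syntax as an added example (this is not code from the Netgate post, nor the ruleset pfSense itself generates). Interface names, the LAN subnet and the WAN2 gateway address are assumed placeholders, and the protocol is taken as TCP and UDP because the thread does not say which:

```pf
# Added illustration of the "tag on LAN, block tagged on WAN1 out" technique.
# Interface names, addresses and the WAN2 gateway are assumed placeholders.
lan_if  = "em0"
wan1_if = "em1"
wan2_if = "em2"
wan2_gw = "203.0.113.1"
lan_net = "192.168.1.0/24"

# 1. LAN rule, kept at the top of the LAN rule set: policy-route port 1588 to
#    the WAN2 gateway and tag the state so it can be recognized later.
pass in quick on $lan_if route-to ($wan2_if $wan2_gw) inet proto { tcp udp } \
    from $lan_net to any port 1588 tag WAN2_ONLY keep state

# 2. Floating rule, direction out, on WAN1 only: reject anything carrying the
#    tag, so tagged traffic can never leave via WAN1 (for example when WAN2 is
#    down and the traffic would otherwise fall back to the default gateway).
block return out quick on $wan1_if tagged WAN2_ONLY
```

    In pfSense terms the first rule is the LAN-tab rule with Gateway set to WAN2 and Tag set to WAN2_ONLY; the second is the floating rule with direction out, interface WAN1, action reject and Tagged set to WAN2_ONLY. The tagging rule has to stay above any other LAN rule that would also match port 1588, otherwise that traffic would take the default gateway untagged and the WAN1 block would never see it.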

  • Thank you for the quick reply..

    Do I have to leave the protocol binding and round robin, or do I have to delete everything and set the rules you suggested?

    Thank you!

  • LAYER 8 Netgate

    What I suggested completely bypasses the round-robin configuration since you are explicitly policy routing to that WAN, as long as those policy routing rules are higher in the rule set.

