Netgate Discussion Forum

    Bridging with load-balancing

    • infinity_

      Hi there,

      I've tried to search for this particular problem but did not find any useful information…

      I've set up an inbound load balancer on pfSense to load-balance 2 web servers behind transparent firewalling (Bridged OPT1 and WAN).

      Here are the facts:

      • I can reach each server individually from the internet w/o problems (with proper rules)
      • I can reach the "Virtual servers" IP from LAN without issues (with default LAN -> ANY rule)
      • I CAN'T reach the "Virtual servers" IP from WAN, even with a Virtual IP on WAN and proper rules!!!

      Here is my setup:
      INTERNET-\ pfSense /----(SRV1 208.xxx.xxx.228/29 GW 208.xxx.xxx.225)
      (GW 208.xxx.xxx.225)-- ( WAN 208.xxx.xxx.226/29 -BRIDGE- OPT1 )------ SWITCH
      | | ----(SRV1 208.xxx.xxx.228/29 GW 208.xxx.xxx.225)
      | LAN 192.168.254.1/24 ) - My pc 192.168.254.224/24

      Load Balancer: Pool
      Name    Type              Servers/Gateways  Port  Monitor  Description
      HTTP    server (balance)  208.xxx.xxx.228   80    TCP      HTTP server pool
                                208.xxx.xxx.229
      MySQL   server (balance)  208.xxx.xxx.228   3306  TCP      MySQL server pool
                                208.xxx.xxx.229
      Tomcat  server (balance)  208.xxx.xxx.228   8080  TCP      Tomcat server pool
                                208.xxx.xxx.229

      Services: Load Balancer: Virtual Servers
      Name    Server address   Port  Pool    Description
      HTTP    208.xxx.xxx.230  80    HTTP    HTTP Virtual Server
      MySQL   208.xxx.xxx.230  3306  MySQL   MySQL Virtual Server
      Tomcat  208.xxx.xxx.230  8080  Tomcat  Tomcat Virtual Server

      Firewall: Rules (WAN)
      Proto  Source  Port  Destination      Port       Gateway  Description
      TCP    *       *     208.xxx.xxx.230  80 (HTTP)  HTTP     Any -> HTTP Virtual Server
      TCP    *       *     208.xxx.xxx.230  3306       MySQL    Any -> MySQL Virtual Server
      TCP    *       *     208.xxx.xxx.230  8080       Tomcat   Any -> Tomcat Virtual Server

      Firewall: Virtual IP Addresses
      Virtual IP address  Type         Description
      208.xxx.xxx.230/32  [Proxy ARP]  Virtual Servers IP

      Please help me figure out what I am doing wrong!!! Thanks!

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.