Help me fix my ruleset

  • I have a multi-WAN setup with three WAN connections.

    WAN1 is used for my email server only
    WAN2 and WAN3 are used for VPN, Web Servers, and load balanced for my local users' internet access

    Basically, the email server uses the 'Email Failover' pool. The WAN connection died, and for some reason none of my users could access the internet anymore until it came back up. I was able to ping my DNS servers though. Normal users shouldn't even be using the WAN1 connection though, so I'm not quite sure why its dying would lead to interrupted access. I've posted my rulesets; did I do something obviously wrong?

  • You could try with a DNS rule.
    Two checks I normally do:
    Trace route to your DNS server from pfSense to see if they are going through the right WAN.
    Browse with the IP of a website.

  • I've tested everything again since the WAN1 connection came back up, and there don't appear to be any oddities - but I don't really want to start unplugging things to really test them out until the end of the week.

    I've taken your suggestion, and have started using OpenDNS.  In the guide you posted, they set up a static route, one on each of the two WAN connections.  Since I have 3 WAN connections, what is the best way for me to do this?  Just leave out the static routes altogether?

  • You could manually edit config.xml and add an extra DNS server.

  • AFAIK though, OpenDNS only has two IP addresses.

