Policy base routing not working traffic is not forwarded to specified gateway and always go to the default gw
-
Chat the contents of /tmp/rules.debug to me then. And please specify exactly how you are testing. Source IP address, dest IP address, method of testing.
Execute
cat /tmp/rules.debugin Diagnostics > Command Prompt and copy/paste the output. -
@derelict dude i send to you the rule.debug dump let me know if you find the resolution. thank you
-
You have WAN, WAN1, and WAN2 defined. You are policy routing PRESIDENT out WAN, not WAN1. You stated you have two WANs but there are three. What, exactly, are you trying to do?
GWWAN1GW = " route-to ( lagg0.101 X.X.X.225 ) "
GWWAN2GW = " route-to ( lagg0.102 Y.Y.Y.113 ) "
GWWAN_DHCP = " route-to ( lagg0.4090 192.168.1.1 ) "pass in quick on $PRESIDENT $GWWAN_DHCP inet from 10.10.8.0/24 to any tracker 1531493401 keep state label "USER_RULE"
-
@derelict thanks for looking on it. Policy routing is not working. As you can see the president although on policy it is set to wan. But on the contrary it still uses the wan2 which the default gateway. What i want is to make that work.
-
@derelict all is working my pfsense setup except the policy routing.
-
What WANs are supposed to be active? You have WAN WAN1 and WAN2 but you said you only have 2 WANs. I think you need to delete the WAN gateway and policy route to WAN1 instead. But I'm kind of just guessing because you seem to not be reading what I am saying.
In other words, change the policy routing on PRESIDENT to GWWAN1GW instead of GWWAN_DHCP and test again.
-
@derelict my friend all of those is active. Yeah on start of the topic i mention 2 wans but just summarize my issue so its more direct. But now i showed you the real scenario.
So what i wanted is to have that president vlan use the wan as its gateway.
-
And the wan1 im using it for my web and outside communication. Wan and wan2 is for surfing
-
Just for testing before i use the wan1 for president gateway before but its still the same it did not work also.
-
And that is what it will do. Not sure what you are doing wrong. Maybe a testing flaw.
Policy routing pretty much just works.
What is the source IP address you are testing from? How are you testing?
Are you getting any alerts at the top of the dashboard that the filter rules can't load or anything?
-
Has anyone verified that the vlan setup on lagg0 is working as intended?
-
@heper Yes man its working all vlans its working. they can browse internet but only through default gateway.
-
i'm using the XG-7100 -
Hardware does not matter in this case.
-
@derelict i use the pres network to test, making tracert and compare. I also observe the traffic on both wan and wan2.
-
@derelict said in Policy base routing not working traffic is not forwarded to specified gateway and always go to the default gw:
What is the source IP address you are testing from? How are you testing?
You did not answer that question. What is the Source IP address of the host you are testing from? I am really not asking for these details to waste your time. Honest.
We need to figure out what you are doing wrong - from a distance - and if we ask for details it's because we are trying to figure out where the mistake you made is. Because if there was not a mistake made, it would be working.
-
Thank you for helping i appreciate it guys. The source ip address is the vlan 8 which is the vlan of pres. And testing using traceroute example to google.com to see where i am passing through.
During the testing also i run streaming on vlan 8 and then compare it with vlan 5 and 4 to view the usage traffic.
By the way i replied on this question.
Thanks again.
-
Sigh - looking for the actual host IP address of the host you are testing from, not the interface.
-
Hi Derelicit,
On vlan 8 i sometime use the 10.10.8.26 to check if its going through WAN.
Thank you,
-
Did you clear the firewall states between running tests?
Do you see any alerts shown on the dashboard indicating the ruleset might not loading as expected?
Steve
