Setting default gateway to something other than WAN port

  • Hello fellow pfSense users,

    To explain my situation, I have a client that has 4 sites. 1 site is the main with server and two ADSL connections. This main site has an 8M/384kbps main internet line and a second ADSL service that connects to an ISP-managed private network. The 3 other sites have a single connection to this private network as well.

    All sites come through main site number 1 for server, mail and web access. What I require pfSense to do is run the main site private link and the routing associated with it. What I was wondering is, can I get pfSense to set a default gateway to the main internet link instead of the private link?

    IP structure as follows:
    Main site with main internet on 1.14 and private link on 1.251 (Private wan side is

    Private network running on (includes main site ip and remote sites)
    Remote site 1 - Private link ip
    Remote site 2 - Private link ip
    Remote site 3 - Private link ip

    I have gone through and turned off NAT and added in static routes for each of the remote subnets pointing to their private link IPs, but as said above I would prefer the pfSense default gateway to point to instead of a 172.16.128.* (whatever gateway address it gets assigned).


  • Put WAN on the network where your default gateway resides.

    2.0 lets you pick which gateway you want to be the default; in 1.2.x you must put WAN on the network with your desired default gateway.

  • Sorry, I forgot to put in the fact that the WAN side is doing a PPPoE logon for the private network.

    I might have a look into the 2.0 snapshots. How stable would you say they are in their current form?

  • Ah, then yeah, you're stuck. I wouldn't suggest 2.0 for production use at this point, but you can give it a shot. We've fixed a lot this week and it largely works fine, but it's alpha software; if you don't understand the underlying system you may have difficulties.

  • Bummer.

    I'll just have to wait and see when 2.0 gets a full release then, but for now I'm going to have to get another router system to do the job.

    Do you know if m0n0wall's current system can do this?

  • Situation is the same in m0n0wall.

    You can try 2.0, it may work perfectly fine for what you're doing.
