Load-Balancing Multi-WAN, Issues with Some Websites
-
We are having an issue connecting to a 401K bank site when on site that has the pfSense device. Our device has two ISP WANs coming in that are configured to load balance. When we switch a client to our Guest Wi-Fi that points to only one of the WAN ports via a certain subnet, we are able to connect to the 401K site without issue. I suspect that when we connect to the 401K site, it does not like packets being sent from both WAN connections because it shows multiple ISPs. Is there a way to have traffic specific to this 401K site, from a subnet that is being load-balanced between two WANs, be diverted only through one WAN port?
-
@danielk-cg Lots of https sites do not like packets being split when using multi-wan load balancing.
You have two options,
-
create a firewall rule for your device at the very top of the rulebase on the LAN side with the IP Address of the source to any destination but force the packets out of a specific interface. The specific interface will be under the advanced section.
-
enable sticky packets under the advanced settings/miscellaneous
G
-
-
https://www.netgate.com/resources/videos/multi-wan-on-pfsense-23.html
-Rico
-
Pretty much all websites prob have issues with this, anything that does any sort of session or login for sure would have issues with this especially from a security point of view where you would have a cookie coming from multiple IPs, etc. etc.
