Virtual IPs and Blackhole/Static Routing

  • Hello,

    Hopefully someone can shed some light on my issue.

    I have multiple WAN IPs set up as both IP Alias and Proxy ARP VIPs. I also have static routes that I am using to blackhole route offending public IPs, ie:

    route add -host -blackhole

    This works fine to keep an IP from accessing the primary pfSense WAN IP, but does not seem to apply to the VIPs.

    Does anyone know what I am doing wrong?

    It doesn't matter if I create these routes via the command line or via the GUI.