Source based Routing with pfSense
-
Hi,
I have 3 WAN connections, configured the policy routing and working as expected, but incoming connection on WAN1 or WAN2 from IP: a.b.c.192 (when WAN3 ip is a.b.c.62, GW: a.b.c.1 ) responded on WAN3. Can I somehow resolve this? I expect the response to go out through incoming interface.
Thanks
Levi -
@birtalevente
Dude, this thread is almost two years old, so let him rest in peace!@birtalevente said in Source based Routing with pfSense:
but incoming connection on WAN1 or WAN2 from IP: a.b.c.192 (when WAN3 ip is a.b.c.62, GW: a.b.c.1 ) responded on WAN3.
Can you describe your WAN interface configuration a little more detailed?
It's not really clear when you use alphabetic characters and not mention any network mask. Are these connected to different internet providers, are they in different subnets with a gateway on each? -
@viragomann
I tried to explain more detailed, but always got the spam message
WAN1 and WAN3 are same ISP, but different media (fiber and radio) and network, both netmask is /24.
WAN2 is other ISP, obviously different network than others, netmask is /25.So, the WAN3 network let's say is a.b.c.0/24, WAN3 IP is a.b.c.62
There is another location, other company where the ISP assigned the a.b.c.192 IP address. From this another location, other company they have to connect to some services at mine location, where the pfsense router is installed with WAN1,2,3.
From this another location, other company the connection is initiated to the WAN1 and WAN2 IPs, but the responses are routed out through the WAN3 ... which is somehow logic because I have in the routing table a.b.c.0/24 on WAN3.
As I said before, I'd like the whole traffic to going on incoming interface
Thanks!
Levi -
@birtalevente said in Source based Routing with pfSense:
From this another location, other company the connection is initiated to the WAN1 and WAN2 IPs, but the responses are routed out through the WAN3 ... which is somehow logic because I have in the routing table a.b.c.0/24 on WAN3
No, this is logic, because the destination IP lies within the subnet of WAN3 if I did undersand right your alphabetic variables:
@birtalevente said in Source based Routing with pfSense:
So, the WAN3 network let's say is a.b.c.0/24, WAN3 IP is a.b.c.62
There is another location, other company where the ISP assigned the a.b.c.192 IP addressSo if here a.b.c are the same in both variables, your WAN3 IP and that one of the other company are in the same subnet.
If so, the other company should access your router at WAN3 and nothing other.
If they come in on an other WAN, they may have set a wrong mask in the WAN configuration (not /24).Your router cannot response to an address on another interface if the destionation is in the subnet of WAN3 in the end.
-
@viragomann said in Source based Routing with pfSense:
@birtalevente said in Source based Routing with pfSense:
From this another location, other company the connection is initiated to the WAN1 and WAN2 IPs, but the responses are routed out through the WAN3 ... which is somehow logic because I have in the routing table a.b.c.0/24 on WAN3
No, this is logic, because the destination IP lies within the subnet of WAN3 if I did undersand right your alphabetic variables:
@birtalevente said in Source based Routing with pfSense:
So, the WAN3 network let's say is a.b.c.0/24, WAN3 IP is a.b.c.62
There is another location, other company where the ISP assigned the a.b.c.192 IP addressSo if here a.b.c are the same in both variables, your WAN3 IP and that one of the other company are in the same subnet.
If so, the other company should access your router at WAN3 and nothing other.This is not possible...WAN3 is low speed and dedicatet to other services.
If they come in on an other WAN, they may have set a wrong mask in the WAN configuration (not /24).
They come in on the right WAN because thats how is set up on they side!
Your router cannot response to an address on another interface if the destionation is in the subnet of WAN3 in the end.
That sucks ...
So I need to reconfigure a little bit
Thanks anyway !
Levi