Static route to WAN2 is not working

limez17

Hi to Everyone in this forum,

Good day.
My pfSense firewall have 2 WAN(WAN1 & WAN2). I want to route my VOIP traffic from 192.168.1.250/16(Local server) to 114.XXX.XXX.XXX/32(External server) via WAN2. I've added static route:

(Will not show full details of my IP)

Then added rule for my WAN1:

I also set NAT outbound to:

I ran traceroute in my pfSense shell, static route is working. Traffic to 114.XXX.XXX.XXX/32 is routed to my WAN2:

But my local server is still routing traffic to my WAN1 GW. I already checked under Diagnostic / Traceroute. Route is going to WAN2.

Please kindly help.
Thank you in advance!

Derelict

Don't use a static route for that. Use policy routing on an inside interface rule:

https://docs.netgate.com/pfsense/en/latest/book/multiwan/policy-routing-configuration.html#policy-routing-configuration

limez17

Hi @Derelict,

Thank you for replying on my topic.
I already tried using policy routing on an inside interface rule:

But it has no effect. Still traffic is routed via my WAN1.

Derelict

What you show there has nothing to do with policy routing.

And you almost NEVER want to set source ports. They are almost always random.

Did you set the gateway to the WAN2 gateway on that rule?

Please: https://docs.netgate.com/pfsense/en/latest/book/multiwan/policy-routing-configuration.html#configuring-firewall-rules-for-policy-routing

limez17

Hi @Derelict,

I'm quiet confuse on "Policy routing", can you enlighten me?

I already set source port into "any", but still same result.

Yes I've set WAN2 as gateway:

Traceroute is showing 1st hop is my WAN2:

But then again, my local server isn't routing it to my WAN2. It's still routing to my WAN1.

Derelict

Your rule shows no matching traffic. Are you certain that is what you are supposed to be matching?

Policy routing is all described in the link I posted multiple times.

limez17

Hi @Derelict,

Yes, I'm certain. By the way I already changed the source into my local server IP "192.168.1.250":

But still it won't work. Traffic is still routing via WAN1.

About policy routing. You mean adding rules on my LAN interface right? If so, I already followed and tested. It also won't work.

Derelict

@limez17 That has no choice but to route to WAN2 if the source, destination and port match.

This stuff just works. If that is not working then you have to figure out what is not matching, what the problem with how you are testing is, etc.

You also might have to clear states after making changes to the rule configuration. It only policy routes NEW connections.

limez17

@Derelict said in Static route to WAN2 is not working:

You also might have to clear states after making changes to the rule configuration. It only policy routes NEW connections.

@Derelict Noted on that. I've been trying to figure this out from day to day. I hope to find the resolution soon. Thank you for replying on my topic. I appreciate it.
Will try to clear states as well. How long reset state should take?

Derelict

Instantly.

limez17

@Derelict mine is just stuck in loading

Derelict

What is?

limez17

@Derelict when i'm trying to reset states

Derelict

Resetting states will reset the state you are accessing the firewall using. You might need to reload the browser page.

limez17

@Derelict noted on that. Does a reboot also reset state?