Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Solved: Inbound Multiwan Routing Problem

    Scheduled Pinned Locked Moved Routing and Multi WAN
    8 Posts 2 Posters 750 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Crysion
      last edited by Crysion

      Hi guys,
      I have a multiwan routing problem on my PFSense. I have 2 external Internet lines, with two public IP addresses. Both are combined into one gateway group. However, only one of the two public IP addresses is accessible from the outside. In the PFSense documentation, it was written: "On current versions of pfSense, from the perspective of traffic coming in to services on pfSense from the Internet, connections will return through the WAN which they entered. "That doesn't work for me.
      SSH listens on all IP addresses and is also unlocked from anywhere on the firewall. If I now connect to the non default gateway ip address via port 22, my connection will be answered via the IP address of the default gateway.
      Can anyone help me?

      1 Reply Last reply Reply Quote 0
      • JeGrJ
        JeGr LAYER 8 Moderator
        last edited by

        @Crysion said in Inbound Multiwan Routing Problem:

        SSH listens on all IP addresses and is also unlocked from anywhere on the firewall. If I now connect to the non default gateway ip address via port 22, my connection will be answered via the IP address of the default gateway.

        That's not default behavior. You are right, SSH listens on all interfaces and if you allow SSH on the selected interfaces (I assume WAN1 and WAN2) then you should be able to access it. Are your WAN interfaces setup correctly? Do both have their gateways? Even if you have a failover or loadbalance gateway group as default, packages coming in the 2nd WAN will be answered by that IF/GW as long as nothing has been misconfigured or forgotten.

        Regards

        Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

        If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

        1 Reply Last reply Reply Quote 1
        • C
          Crysion
          last edited by

          @JeGr Thanks for your reply!!
          I would say, that both gateways are correct configured.
          Both interfaces are enabled.
          Both have a static ip-address and a ipv4 upstream gateway.
          For both "Block bogon networks" is active.
          Nothing else is configured for the wan network devices!

          1 Reply Last reply Reply Quote 0
          • JeGrJ
            JeGr LAYER 8 Moderator
            last edited by

            @Crysion said in Inbound Multiwan Routing Problem:

            Nothing else is configured for the wan network devices!

            What about the rules on WAN/WAN2?

            Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

            If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

            1 Reply Last reply Reply Quote 1
            • C
              Crysion
              last edited by

              They're both configured in a interface-group. Firewall rules are just configured for this group, not for a single Device.

              1 Reply Last reply Reply Quote 0
              • JeGrJ
                JeGr LAYER 8 Moderator
                last edited by

                Then please try and add a SSH rule for either interface, not to the group you created. I doubt that those group rules add the necessary reply-to keywords to the pf rules

                Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

                If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                1 Reply Last reply Reply Quote 1
                • C
                  Crysion
                  last edited by

                  @JeGr That is absolutely correct. Thank you very mutch for your help!!!!

                  1 Reply Last reply Reply Quote 0
                  • JeGrJ
                    JeGr LAYER 8 Moderator
                    last edited by

                    You're welcome :)

                    Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

                    If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                    1 Reply Last reply Reply Quote 1
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.