Routing with Dual WAN question



  • I am setting up Dual WAN in my pfSense router. I have a fixed IP address from my cable provider, with an IP address I have had for about 12 years. I have just got Google Fiber installed. I can tell from the documentation how to have the 2 interfaces, and how to have traffic either load balance or fail over, and I can see how to set priority.

    What I can't see is how to have a host be forced to use only the fixed IP connection. Specifically I have a mail server on a particular host and I want all WAN traffic to and from that server's IP to go through the cable connection, but still have the cable connection able to be the backup if Google Fiber goes down.

    I am using one class C from the 192.168 range for all my devices, with NAT rules for the ports that the server needs.

    Thank you
    Cheers, Liam


  • LAYER 8 Rebel Alliance

    Check out https://www.netgate.com/resources/videos/multi-wan-on-pfsense-23.html
    Should be very helpful for you...

    -Rico



  • Thank you for the pointer, looks very useful.



  • @Rico The video you pointed me to was very useful, and I now have MultiWAN set up, mostly working. The two weirdnesses I have are:

    I have a group set with Tier 1 on my Fiber connection, and Tier 2 on my cable connection. My LAN uses this group. When I pull the cable on my Fiber it seems that TCP connections fail over, but things like ping (ICMP etc) out the failed over to WAN do not. I can't see where that is set :-(

    Second issue is that I have my mail server in a subnet called DMZ, off its own port from the router. It is set to have its WAN traffic only go to the cable connection - which works. What I cannot do is get it to make connections to the LAN. Even if I set up a rule for DMZ-net to LAN-net all I can't ping or ssh from DMZ. I really need/want just Bonjour and ping to be able to initiate DMZ->LAN but I can't even get DMZ-net -> LAN-net all to work, even though on the LAN I have LAN-NET - RFC1918 set and working, and I did try it as LAN-net -> DMZ-net and that works too.

    Thank you
    Cheers, Liam

