<![CDATA[Multi-Wan stops traffic between LANs]]>I have an XG-7100 on version 21.05.
Here are my networks:

  • LAN
  • Office
  • LAN 2

I have 2 cradlepoint(Verizon Wireless) Gateways that work. When I try to load balance them, the office network cannot access the LAN2 network(LAN2 contains my Host servers and switches).

If I set the gateway back to "default", Office can see LAN2 again. I'm not sure what I've done wrong here. I have tried clearing the State as well with no luck.

Any help or guidance on what to do? Config images below

alt text
alt text
alt text
alt text
alt text
alt text

]]>https://forum.netgate.com/topic/164766/multi-wan-stops-traffic-between-lansRSS for NodeSat, 16 May 2026 14:19:01 GMTTue, 29 Jun 2021 23:53:01 GMT60<![CDATA[Reply to Multi-Wan stops traffic between LANs on Thu, 01 Jul 2021 16:00:39 GMT]]>@ironwood
Yes, if you have a policy routing rule on an interface you have add an additional route for permiting internal traffic above of it.
This also concerns access to services provided by pfSense itself like DNS.

]]>https://forum.netgate.com/post/990287https://forum.netgate.com/post/990287Thu, 01 Jul 2021 16:00:39 GMT<![CDATA[Reply to Multi-Wan stops traffic between LANs on Thu, 01 Jul 2021 15:38:11 GMT]]>@viragomann Ok this makes sense. So I would need to create 2 seperate rules instead of combining them into one rule when dealing with internal routing and gateway routing. Appreciate the explanation!

]]>https://forum.netgate.com/post/990283https://forum.netgate.com/post/990283Thu, 01 Jul 2021 15:38:11 GMT<![CDATA[Reply to Multi-Wan stops traffic between LANs on Wed, 30 Jun 2021 17:36:06 GMT]]>@ironwood
With the gateway option in the firewall rule, you do policy routing. This means, this rule directs all traffic it allows to the active gateway of the gw group in this case.
However, this rule then doesn't pass any traffic to internal destinations at all. To pass such traffic you need a rule without a gateway set.

Also as I understood your aim you don't need policy routing. So if you only want to have a gateway failover group the way to go here is to set the gw group as default gateway globally for the system.

]]>https://forum.netgate.com/post/990109https://forum.netgate.com/post/990109Wed, 30 Jun 2021 17:36:06 GMT<![CDATA[Reply to Multi-Wan stops traffic between LANs on Wed, 30 Jun 2021 17:24:53 GMT]]>@viragomann I've been battling this all week and you are a life saver! Thank you for your response.

I'm curious why this works vs setting them in the firewall rules? Thoughts?

]]>https://forum.netgate.com/post/990104https://forum.netgate.com/post/990104Wed, 30 Jun 2021 17:24:53 GMT<![CDATA[Reply to Multi-Wan stops traffic between LANs on Wed, 30 Jun 2021 10:11:14 GMT]]>@ironwood
Set the gateway group as default gateway in System > Routing > Gateways > Default gateway and remove it from the firewall rule.

]]>https://forum.netgate.com/post/990012https://forum.netgate.com/post/990012Wed, 30 Jun 2021 10:11:14 GMT