Multi-Wan stops traffic between LANs
-
I have an XG-7100 on version 21.05.
Here are my networks:- LAN
- Office
- LAN 2
I have 2 cradlepoint(Verizon Wireless) Gateways that work. When I try to load balance them, the office network cannot access the LAN2 network(LAN2 contains my Host servers and switches).
If I set the gateway back to "default", Office can see LAN2 again. I'm not sure what I've done wrong here. I have tried clearing the State as well with no luck.
Any help or guidance on what to do? Config images below
-
@ironwood
Set the gateway group as default gateway in System > Routing > Gateways > Default gateway and remove it from the firewall rule. -
@viragomann I've been battling this all week and you are a life saver! Thank you for your response.
I'm curious why this works vs setting them in the firewall rules? Thoughts?
-
@ironwood
With the gateway option in the firewall rule, you do policy routing. This means, this rule directs all traffic it allows to the active gateway of the gw group in this case.
However, this rule then doesn't pass any traffic to internal destinations at all. To pass such traffic you need a rule without a gateway set.Also as I understood your aim you don't need policy routing. So if you only want to have a gateway failover group the way to go here is to set the gw group as default gateway globally for the system.
-
@viragomann Ok this makes sense. So I would need to create 2 seperate rules instead of combining them into one rule when dealing with internal routing and gateway routing. Appreciate the explanation!
-
@ironwood
Yes, if you have a policy routing rule on an interface you have add an additional route for permiting internal traffic above of it.
This also concerns access to services provided by pfSense itself like DNS.