<![CDATA[Routing through a gateway that is down, bypassing policy routing]]>I have a multi-WAN/gateway setup with failover. We had a major provider outage yesterday, so the backup WAN/gateway is in use with the preferred gateway down. The provider started to restore services and some networks are beginning to be reachable but some are still unreachable. The IP I use to monitor the gateway is still not pingable, so the gateway stays down. But by doing ping and traceroute from the Diagnostics tools I can see that some outside IPs are reachable already.

I wanted to investigate more what's reachable and what's not from a PC on my LAN. It's cumbersome to do from pfSense and easier from a PC. I thought maybe the IP I use for monitoring stopped responding to pings forever. I created a typical LAN rule to bypass policy routing as described here: https://docs.netgate.com/pfsense/en/latest/multiwan/policy-route.html and as I did many times before when I wanted to connect through my secondary gateway when the primary was still up. I set Interface to LAN, Source - an LAN IP of this specific PC, Destination - any, and Gateway - that primary gateway that is considered down by pfSense but it's not completely down as I described above.

And it didn't work. I was routed through a backup gateway. I read more from the above link and it seems it's not possible to route through a gateway that is considered down by pfSense. The link above states "If that gateway is down, the rule will act as if the gateway was not set at all." There is a paragraph there "Enforcing Gateway Use". But it it boils down to blocking all traffic is that gateway is considered down by pfSense.

Is there any way to route traffic through a gateway that is considered down by pfSense by in reality it's only "partially" down?

]]>https://forum.netgate.com/topic/173357/routing-through-a-gateway-that-is-down-bypassing-policy-routingRSS for NodeTue, 09 Jun 2026 12:06:34 GMTSat, 09 Jul 2022 20:03:01 GMT60<![CDATA[Reply to Routing through a gateway that is down, bypassing policy routing on Sat, 09 Jul 2022 20:38:01 GMT]]>@johnpoz said in Routing through a gateway that is down, bypassing policy routing:

You can tell pfsense to consider that gateway up by disable monitoring

Thanks. But I don't want to do that because that gateway will be operational and become primary. But the service is only partially restored.

I guess the other way would be to assign Tier 1 to the backup gateway and Tier 2 to this one and disable monitoring as you suggested. But I thought there might be a way to force routing through a gateway that is down. I guess it goes against the logic.

]]>https://forum.netgate.com/post/1051048https://forum.netgate.com/post/1051048Sat, 09 Jul 2022 20:38:01 GMT<![CDATA[Reply to Routing through a gateway that is down, bypassing policy routing on Sat, 09 Jul 2022 20:05:37 GMT]]>@pfpv said in Routing through a gateway that is down, bypassing policy routing:

Is there any way to route traffic through a gateway that is considered down by pfSense by in reality it's only "partially" down?

You can tell pfsense to consider that gateway up by disable monitoring

monitoring.jpg

]]>https://forum.netgate.com/post/1051043https://forum.netgate.com/post/1051043Sat, 09 Jul 2022 20:05:37 GMT