Problem with multiWAN and Squid proxy
-
Hi,
I'm a newcomer in pfSense.
In first place sorry for my 'ugly' English.
I have a new pfSense 1.2.3-rc3 installation in a Core2Duo, 1GB, 5 ethernet cards box. It will be a corporate firewall. Only extra packages installed are:
-
rate
-
squid
-
squidGuard
We have 2 WAN's (ADSL router) conected to ethernet 1 and 2:
| INTERNET | | pfSense box |
|–-------- ADSL router 1 --- 192.168.1.254 ------------ 192.168.1.250 ---| | |
|---------- ADSL router 2 --- 192.168.2.254 ------------ 192.168.2.250 ---| | |
|
LAN ------------ 192.168.3.1 ---------Reading others posts I disable the "sticky connections" in System|Advanced because it's broke.
We create a OpenDNS account to have DNS for monitoring the pools in Load Balancer:LoadBalance --- gateway (balance) - wan/opt1 ---- Monitor: 208.67.xxx.xxx/208.67.yyy.yyy
WANfailover --- gateway (failover) - wan/opt1 ---- Monitor: 208.67.xxx.xxx/208.67.yyy.yyy
WAN2failover --- gateway (failover) - opt1/wan ---- Monitor: 208.67.yyyy.yyyy/208.67.xxx.xxxwhen opt1 is the WAN2 conection...
Also I create 3 rules in Firewall Lan:
Proto Source Port Destination Port Gateway
* Lan net * 192.168.1.0/24 (WAN1) * 192.168.1.254 (Lan -> WAN)
* Lan net * WAN2 net * 192.168.2.254 (Lan -> WAN2)
* Lan net * * * LoadBalance (see pool Load Balance)When we simule a failover on WAN1 (disconnecting ethernet cable) we lost Internet connection but doing a "traceroute" the connection it's alive using WAN2!
Anybody can say me where I'm wrong?
Thanks
-
-
Hi
I think the problem is tha Squid currently supports only 1 gateway (WAN1).
Disable squid transparent mode.