routing to secondary gateway
-
Hello Community.
first time using pfsense and i run into an issue. probably something lame....
my setup...
wan1: 192.168.1.0/24
wan2: 192.168.3.0/24
lan: 192.168.2.0/24i have a gw balancer between wangw1 (192.168.1.1) and wangw2 (192.168.3.1)
my lan gw is the pfsense with ip 192.168.2.1The load balancing works and when the wangw1 is selected i can access its interface (1.1).
when the fail over occurs the gw changes to wangw2 and i can access its interface (3.1)how can i have access to the secondary gateway when it is not selected?
i tried static routing but since the sub net is on a wan interface i am not allowed to do so.i believe i should add a rule, but i an not sure in which interface and with what options.
thank you!!
-
@arkoulikosta What do you mean with "access to" secondary gateway?
Do you simply want to access the upstream router and manage that via it's UI.
Or do you want to route traffic that way?The first part is as simple as typing in it's IP in your web browser...
If you for example want to have your PC use WAN2 for internet access you can create a simple rule on the LAN interface for that.
Your source will be the IP of the PC and destination is Any. If you expand the Advanced section, there is an item calle Gateway with a dropdown where you will find your WAN2 in the list. That's pretty much it...Perhaps it can be done in a different way but that's how I did it when playing around and testing this.
-
@Gblenn said in routing to secondary gateway:
If you for example want to have your PC use WAN2 for internet access you can create a simple rule on the LAN interface for that.
Your source will be the IP of the PC and destination is Any. If you expand the Advanced section, there is an item calle Gateway with a dropdown where you will find your WAN2 in the list. That's pretty much it...just adding that this, i.e. determination of next-hop gateway based on packet source, is called policy-based routing.
see also:
https://docs.netgate.com/pfsense/en/latest/multiwan/policy-route.html
https://en.wikipedia.org/wiki/Policy-based_routing -
@Gblenn said in routing to secondary gateway:
@arkoulikosta What do you mean with "access to" secondary gateway?
Do you simply want to access the upstream router and manage that via it's UI.
Or do you want to route traffic that way?The first part is as simple as typing in it's IP in your web browser...
If you for example want to have your PC use WAN2 for internet access you can create a simple rule on the LAN interface for that.
Your source will be the IP of the PC and destination is Any. If you expand the Advanced section, there is an item calle Gateway with a dropdown where you will find your WAN2 in the list. That's pretty much it...Perhaps it can be done in a different way but that's how I did it when playing around and testing this.
i wanted to access the router ui, but could not do so if the wan1 gw was active
and it was indeed as simple as adding a rule with the wan2 gw as default.
thank you!! -
@arkoulikosta said in routing to secondary gateway:
@Gblenn said in routing to secondary gateway:
@arkoulikosta What do you mean with "access to" secondary gateway?
Do you simply want to access the upstream router and manage that via it's UI.
Or do you want to route traffic that way?The first part is as simple as typing in it's IP in your web browser...
If you for example want to have your PC use WAN2 for internet access you can create a simple rule on the LAN interface for that.
Your source will be the IP of the PC and destination is Any. If you expand the Advanced section, there is an item calle Gateway with a dropdown where you will find your WAN2 in the list. That's pretty much it...Perhaps it can be done in a different way but that's how I did it when playing around and testing this.
i wanted to access the router ui, but could not do so if the wan1 gw was active
and it was indeed as simple as adding a rule with the wan2 gw as default.
thank you!!
Good that it works, but if it is just the UI that you are trying to access, I don't see that you need to create a policy rule for that...I have a similar setup, where my second WAN (failover) is connected to a 4G router which hands out a 192... IP to pfsense. It looks like this and I access that router UI directly just by typing in the IP on any browser (192.168.3.2 in my case). There is no need to have any policy rule in order to access that subnet.
You should be able to reach both upstream routers from your LAN, as long as both are considered UP.
