Route specific LAN IP via my second WAN
-
Question seems simple but I fail to set it up.
I have 2 WANs which seem to be all right.
I want to have some of my LAN IPs use the WANGW instead of WAN2ADSL_DHCP.
When I try to set a rule, no success...
I can not access internet, although I can see some packets on the WANGW.
Maybe a stupid mistake?
Thanks for your help.
-
@labu73 that rule doesn't even look enabled.. looks dim/gray like it's not enabled.
See, 2nd pic I disabled the middle rule
-
Sorry for that, I took the screencap with the rule disabled as I could not send it otherwise...
-
@labu73 so when you create that rule you can't even ping say 8.8.8.8? I show 0/0 on that rule so seems like it was never enabled. And not really sure what that 1st rule is supposed to allow.. 68.1 is pfSense IP - that's not going to let you do anything but talk to pfSense IP - that rule would not allow internet.
Did you mess with outbound rules, do you have any rules in floating - are you using a vpn.. that rule looks correct for a policy route. And rule above would allow for dns to pfsense IP. etc..
But if your lan is 192.168.16, what is the rule to allow access to 192.168.68 for?
-
Hi,
68.1 is a second pfSense with a VPN link allowing subnet 68 (home) from LAN office 16.
With the rule enabled, not even a ping to 8.8.8.8.
Still wondering...
-
@labu73 what are your outbound NATs? do you have floating rules - from what you posted that rule was never even evaluated - the 0/0. Even if you disable a rule, the amount of traffic that triggered it would still be seen.
See here my ipv6 all rule, shows 3GB of traffic has triggered that rule. Even after I disable it, it shows that 3GB of traffic.. But your rule is 0/0 even if you disabled it before you took the screenshot.. It doesn't show that it was ever triggered.
As to that rule allowing to some other pfsense? Why would your normal internet rule allow that? If you had some vpn or whatever - normal routing you have setup to get to that other pfsense should be allowed by the normal internet rule.
Also not understanding why you have a specific IP.. If you want to allow traffic to some other network this 192.168.68 network - what is specific IP that sure isn't going to allow access to 192.168.68.x
If that 192.168.16.249 sent anything anywhere that hit pfsense, that rule would show the traffic - even if it didn't work. But it shows 0/0 - from what you have shown you have something else in play on why that rule didn't trigger, a floating rule? That is the wrong source IP, it sent its traffic to some other gateway?
-
I am totally lost after several tests.
If I replace my pfSense by a PC with the same setup
IP 192.168.10.99
Gateway 192.168.10.254
DNS 8.8.8.8
I have internet doing well
Although the 2 WANs as per first post are OK, the WANGW seems to be not usable.
The checks I made:
WANGW is tier2 of a Group Where WAN2ADSL_DHCP is Tier 1 (failover objective).
If I swap Tier1 and Tier2, although WANGW states online, no more access to Internet.
I suspect that the Online state of WANGW is wrong so the group does not swap to tier2. If I unplug igb0 which is the WAN plug (associated with WANGW) the state remains Online.
I am lost.
Help appreciated, many thanks.