Multiple outbounds & outbound connections from software on pfsense filtered



  • I have the following setup:

    WAN (ADSL - ng0, public IP), OPT1 (le2, public IP), OPT2(le3, public IP)
    Load balancing OPT1+WAN (5:1)

    I am trying to run the Ziproxy server directly on the box. I am trying to run three instances each bound to one external interface with outgoing requests going out through the same interface - if the request comes through the OPT2 interface, I want the proxy to fetch the data through the same outbound interface.

    Well, the problem is that the pfSense is filtering any outgoing connection to HTTP servers from interfaces other than WAN (ADSL link ng0). This can be easily demonstrated with the curl:

    curl -v -debug http://checkip.dyndns.org --interface le2

    * About to connect() to checkip.dyndns.org port 80 (#0)
    * Trying 208.78.70.70... Bind local address to xx.yyy.205.111
    * Local port: 28820
    [timeout]

    The same will happen on "le3" but on the "ng0" (WAN int. - ADSL) the request will get out.

    Can someone offer me advice or a solution? ;)


    Best regards,
      Matej.



  • I think your problem is somewhere else.

    pfSense doesn't filter outbound!
    The firewall filters only on traffic inbound on an interface.
    Since you run your software on the pfSense itself, there is no firewall blocking your connection.

    Could it be that the request from the outside doesn't get to the pfSense?
    --> Do you have a firewall rule on each interface allowing traffic to the pfSense itself?



  • :( I was wrong in assuming that by binding to a specific outbound interface on the router I'll automatically use its default gateway for outbound traffic. It looks like my problem is that I'd like to use a different (its) default gateway when I bind to a specific interface (WAN,OPT1,OPT2). Otherwise everything goes out through the WAN connection since this is the default gateway.

    I am still searching through the appropriate forum for a suggestion or a solution. But if anyone can offer me advice here, I'd appreciate it.


    Thank you and regards,
      Matej.
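
The behaviour described in the post above, as an added example that is not part of the original thread: a small model of destination-based route lookup, showing that a source address bound with `--interface` does not change the egress interface unless a per-source policy overrides the default gateway. Interface names and the destination IP come from the thread; all other addresses and the `POLICY` table are constructed assumptions.

```python
import ipaddress

# Constructed addresses (documentation ranges); interface names are from the thread.
ROUTES = [  # (destination prefix, egress interface, next hop or None if connected)
    ("0.0.0.0/0",      "ng0", "198.51.100.1"),  # default route = WAN gateway
    ("192.0.2.0/24",   "le2", None),            # OPT1 connected network
    ("203.0.113.0/24", "le3", None),            # OPT2 connected network
]

# Hypothetical per-source policy: local address -> (interface, that link's gateway)
POLICY = {
    "192.0.2.10":   ("le2", "192.0.2.1"),
    "203.0.113.10": ("le3", "203.0.113.1"),
}


def route_lookup(dst):
    """Destination-based longest-prefix match; the source address plays no part."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in ROUTES if addr in ipaddress.ip_network(r[0])]
    best = max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
    return best[1], best[2]


def egress(src, dst, policy=None):
    """Return (interface, next hop) for a locally generated packet bound to src."""
    iface, hop = route_lookup(dst)
    # A source policy only overrides traffic that would leave via a gateway;
    # destinations on a connected network are still delivered directly.
    if policy and hop is not None and src in policy:
        return policy[src]
    return iface, hop


if __name__ == "__main__":
    dst = "208.78.70.70"  # address curl resolved in the thread
    for src in ("192.0.2.10", "203.0.113.10"):
        print(src, "plain table ->", egress(src, dst))
        print(src, "with policy ->", egress(src, dst, POLICY))
```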



  • What kind of devices do you have in front of the different WANs?
    If they are pfSenses you can enable source NAT and it should work.

