Netgate Discussion Forum

    Traffic blocked on OPT1

    • GruensFroeschli

      pfSense itself cannot make use of the loadbalancer.
      So every test you run from the pfSense itself is useless.

      To test the multiWAN: Set up a balancing pool.
      Create a firewall rule using this balancing pool.
      Test with a client from behind the pfSense.

      Another way would be to create a static route for a specific IP pointing to your secondary WAN, then ping this IP (from the pfSense itself).
      But this isn't multiWAN, just a way to force traffic locally to a different gateway.
      Actually this is what you should do for at least one DNS server, to make sure even if the primary WAN is down you don't lose the ability to resolve names.

      We do what we must, because we can.

      Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

      • Shredder

        Can you explain creating the static routes? The document just says to create them, but doesn't give an example.

        My issue is do I make it a route for the LAN or for each individual WAN/OPT1 connection?

        Thanks,
        Shredder

        • GruensFroeschli

          "System" –> "Static Routes"
          Click the +
          Select the interface on which traffic should go out for the route
          Enter in "Destination network" the IP you want to always send to WAN2. Select as subnet /32 if you want only a single IP.
          Enter in Gateway the IP of your WAN2 gateway.

          • vsMax

            @GruensFroeschli:

            pfSense itself cannot make use of the loadbalancer.
            So every test you run from the pfSense itself is useless.

            To test the multiWAN: Set up a balancing pool.
            Create a firewall rule using this balancing pool.
            Test with a client from behind the pfSense.

            Another way would be to create a static route for a specific IP pointing to your secondary WAN, then ping this IP (from the pfSense itself).
            But this isn't multiWAN, just a way to force traffic locally to a different gateway.
            Actually this is what you should do for at least one DNS server, to make sure even if the primary WAN is down you don't lose the ability to resolve names.

            Thanks for the answer :D

            As my final goal is to set up a balancing pool, I set it up, created the LAN rules following the guide, and tested: it works! :D
            Now I need to set up an OpenVPN connection on the fixed IP. Are there any known problems? I checked the forum and only found old threads…

            • GruensFroeschli

              There are no problems with OpenVPN that I am aware of.

              • vsMax

                Thanks! :D

                Everything worked fine! :D
                I think this topic can be marked as solved :)

                But before that I have just a somewhat related question: I tried to connect to my pfSense with a manual IP and DNS (the same set on pfSense) and I had many problems accessing the www (very slow page load, many time-outs, and so on...) while the connection through the same ADSL line (using a different firewall) is ok. If I enable DHCP on pfSense and let it assign IP and DNS to my PC the connection runs fine.
                Where could the problem lie?

                • Shredder

                  @GruensFroeschli:

                  "System" –> "Static Routes"
                  Click the +
                  Select the interface on which traffic should go out for the route
                  Enter in "Destination network" the IP you want to always send to WAN2. Select as subnet /32 if you want only a single IP.
                  Enter in Gateway the IP of your WAN2 gateway.

                  So if I want to set the route so it goes out my WAN connection, I pick WAN from the drop down and then put in the WAN gateway? Doesn't that seem redundant? That is where I am getting confused.

                  • GruensFroeschli

                    The default route is to the WAN.
                    You only need to add a static route if you want traffic to go somewhere other than the default WAN.

                    So no, you don't need to add a static route for your WAN pointing to your default WAN.

                    • Shredder

                      OK. So for my case, I would select OPT1 for the gateway, put in the IP address of the DNS server/32, and then put in the gateway of the OPT1 connection.

                      To test that this is working, my best bet would be to SSH into the firewall and do traceroutes to the IP of the DNS server. It should always go out my OPT1 interface, correct?

                      Thanks,
                      Shredder

                      • GruensFroeschli

                        Yes.

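Added example, not part of the original thread: a shell check for the static-route steps and the "test from the firewall over SSH" idea discussed above. It applies longest-prefix matching to a routing table to show that a /32 host route for the DNS server wins over the default route. The addresses, interface names (em0 = WAN, em1 = OPT1), function names and the sample table are all constructed assumptions.

```shell
#!/bin/sh
# Constructed sample in the layout of FreeBSD `netstat -rn -f inet` output.
# All addresses (RFC 5737 ranges) and interface names are made up:
# em0 = WAN, em1 = OPT1, 192.0.2.53 = the DNS server pinned to OPT1.
SAMPLE_ROUTES='Destination        Gateway            Flags     Netif Expire
default            203.0.113.1        UGS         em0
192.0.2.53         198.51.100.1       UGHS        em1
198.51.100.0/24    link#2             U           em1
203.0.113.0/24     link#1             U           em0
192.168.1.0/24     link#3             U           em2'

# egress_for IP: read a routing table on stdin and print "gateway netif" of
# the most specific (longest-prefix) route that covers IP.
egress_for() {
    awk -v target="$1" '
    function ip2int(ip,    o) {
        split(ip, o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    BEGIN { best = -1 }
    # Header row: remember which column holds the interface name.
    $1 == "Destination" {
        for (i = 1; i <= NF; i++) if ($i == "Netif") nif = i
        next
    }
    nif == 0 || NF < nif { next }
    {
        dest = $1; len = 32                      # bare address = host route
        if (dest == "default") { dest = "0.0.0.0"; len = 0 }
        else if (index(dest, "/")) { split(dest, p, "/"); dest = p[1]; len = p[2] + 0 }
        if (dest !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
        size = 2 ^ (32 - len)                    # addresses per prefix
        if (int(ip2int(target) / size) == int(ip2int(dest) / size) && len > best) {
            best = len; gw = $2; ifc = $nif
        }
    }
    END { if (best < 0) exit 1; print gw, ifc }
    '
}

# pinned_to IP GATEWAY NETIF: succeed only if IP leaves via that gateway/interface.
pinned_to() {
    [ "$(egress_for "$1")" = "$2 $3" ]
}

# Run against the sample when executed directly.
printf '%s\n' "$SAMPLE_ROUTES" | egress_for 192.0.2.53
```

On the firewall the same check can be fed live data with `netstat -rn -f inet | pinned_to <dns-ip> <opt1-gateway> <opt1-interface>`; `route -n get <dns-ip>` asks the kernel for its own answer.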
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.