Two ISP, 10 IP, 1 1:1 NAT, and No idea!



  • I've been trying to set up my pfSense box for a while now, and I've managed to get one ISP up and running just fine.

    When it comes to two, however, it's a different story.

    I have three NICs: two connected to my ADSL modems, and one to my network.

    I want the same port forwarding to occur on both ISP IPs, so that incoming data can arrive on either IP without the need to reconfigure the firewall (switching it in DNS works fine at the moment).

    For this to work, does pfSense remember which ISP a packet came in on, so that the return packet goes via the route it came in on, rather than the default route? (My current tests show it goes back via the default, which doesn't help.)

    Finally, I'd like to do a 1:1 NAT, so that I can give a higher priority to VoIP traffic (and because our voice setup requires it), and also be able to separate it in the graphs which pfSense can produce.

    Any advice and comments will be appreciated.



  • For this to work, does pfSense remember which ISP a packet came in on, so that the return packet goes via the route it came in on, rather than the default route? (My current tests show it goes back via the default, which doesn't help.)

    It uses the default route. You can do policy-based routing from the Firewall Rules and choose a different gateway for traffic handled by a particular Firewall Rule, but you cannot do dynamic routing based on the inbound source of the traffic.

    I am not aware of any firewall capable of doing what you are trying to do.

    One solution may be to dual-IP the servers/services you want to publish, and publish one IP to the internet connection from one ISP and the other IP to the other internet connection. Then use policy-based routing to have the return traffic routed properly through the correct ISP.
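The dual-IP workaround from the reply above, written out as an added illustration in raw pf syntax (not anything from the thread, and not the ruleset pfSense generates from its GUI); interface names, addresses and gateways are constructed placeholders.

```pf
# Constructed example: two ADSL WANs, one LAN, one server with two internal
# addresses (one published per ISP) and a VoIP host with a 1:1 mapping.
wan1  = "em0"             # NIC to ADSL modem 1
wan2  = "em1"             # NIC to ADSL modem 2
lan   = "em2"             # NIC to the internal network
gw1   = "198.51.100.1"    # ISP 1 gateway (placeholder)
gw2   = "203.0.113.1"     # ISP 2 gateway (placeholder)
srv_a = "192.168.1.10"    # server address published via ISP 1
srv_b = "192.168.1.11"    # second address on the same server, published via ISP 2
voip  = "192.168.1.20"    # VoIP host

# The same port forward on each WAN, each pointing at the address tied to that ISP
rdr on $wan1 proto tcp from any to ($wan1) port 443 -> $srv_a port 443
rdr on $wan2 proto tcp from any to ($wan2) port 443 -> $srv_b port 443

# 1:1 NAT for the VoIP host on ISP 1; binat translates both directions,
# so the host is reachable and sourced from one fixed public address
binat on $wan1 from $voip to any -> 198.51.100.10

# Policy-based routing on the LAN side: choose the outbound gateway by
# internal source address, so replies leave via the ISP that published it
# (this is the "different gateway per firewall rule" the reply describes).
pass in quick on $lan route-to ($wan1 $gw1) from $srv_a to any
pass in quick on $lan route-to ($wan2 $gw2) from $srv_b to any
pass in quick on $lan route-to ($wan1 $gw1) from $voip to any

# Allow the forwarded traffic in on each WAN after translation
pass in on $wan1 proto tcp from any to $srv_a port 443
pass in on $wan2 proto tcp from any to $srv_b port 443
```

Because the route-to rules match on source address, all traffic the server itself originates from each address also leaves by that ISP, so any outbound monitoring or VoIP traffic graphs per WAN line up with the per-ISP addresses.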

