AIM Behind dual wan?



  • Any reason Aol Instant Messenger would not work behind a dual wan config? I can get it to work, but only if it goes out the same link. Our other link, which claims they do not block protocols, won't work.

    Justin



  • It fails because it looks like you're trying to login from 2 places.  I solved it by forcing port 5190 to always go out one gateway.



  • @andy:

    It fails because it looks like you're trying to login from 2 places.  I solved it by forcing port 5190 to always go out one gateway.

    Did you do an advanced outbound NAT? If so can you share a screenshot or something? I am pretty sure I can do it, but an example would help my overworked mind.

    Thanks,
    Justin



  • Create a firewallrule at LAN:
    source any, destination, any, port 5190, gateway WAN

    You don't need a NAT rule.



  • I'm having trouble with ICQ and this as well.

    I've created a rule as directed, and then told it to log when used and it seems like PFSense isn't catching the requests going out on 5190 at all. (they don't appear in the log)

    Maybe I need to perform a fresh install?

    Dual Wan seems to work well enough otherwise, though I was bit initially by the same problem others seem to have experienced… I followed the PDF file in the WIKI for loadbalancing with failover with the creation of additional rules etc.  It seems this isn't necessary... or is it?

    Thanks again... PFSense never ceases to amaze me.

    -- Phob



  • I tried creating a Port alias for 5190 and I now get the following error message :

    php: : New alert found: There where error(s) loading the rules: /tmp/rules.debug:436: syntax error pfctl: Syntax error in config file: pf rules not loaded The line in question reads [436]: pass in quick on $lan route-to ( rl1 192.168.1.1 ) proto tcp from any port { $ICQ } to any port $ICQ flags S/SA keep state label "USER_RULE: ICQ"

    Related?

    – Phob



  • Don't use a sourceport in your firewallrule.



  • Thanks … that got rid of the syntax error.

    -- Phob


Log in to reply