Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    2 wans, one for WWW and the other for everything else

    Routing and Multi WAN
    3
    3
    1969
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      Feynman last edited by

      I'm trying to set up PFsense to direct all port 80 (www) traffic over WAN 1 (which is hooked up to an AT&T DSL line) and everything else over OPT1 (which is connected to a cisco router, then a T1).

      The reason for this is the cisco router has historically been our main internet connection but it also has a site-to-site VPN with another location with people doing missing critical operations such as remote desktop, transferring files, etc. Whenever there is a big internet download happening it severely degrades the performance of the other operations happening over the VPN.

      My hope is that by separating them out in this way the VPN services will stabilize a bit, however I am not entirely sure the best way to do it.

      So I set up all the interfaces and I'm logged into the pfsense for the first time. I'm GUESSING I go to firewall rules, WAN, and create a new rule that says PASS on the WAN interface all TCP packets with a source and destination port WWW to the gateway 99.124.205.x which is the AT&T gateway.

      Then on the OPT1 rules I pass on the OPT1 interface all TCP packets the are NOT (I use the "not" checkbox) from a source or destination WWW to the gateway 10.1.0.1 (this is the cisco router, and was the gateway everyone uses currently for internet AND vpn traffic).

      My first question is this the best way to do it? It actually seems to work in my testing. If I go to "whatismyipaddress.com" it returns the AT&T ip address but I can still access VPN resources.

      However VPN seems quite a bit slower than it was without PFsense sitting in between. Remote desktop is especially choppy/laggy. Is there something I'm missing to improve performance? Thanks for any help!

      1 Reply Last reply Reply Quote 0
      • M
        max_ens last edited by

        easy tcp_outgoing_address

        1 Reply Last reply Reply Quote 0
        • Z
          znelbok last edited by

          I dont get what you have done.

          If you set it up on the WAN and OPT1, then isn't that for in coming connections from the internet?

          My logic to me says to add the rules to the LAN set.

          I am struggling with a similar setup where I need to use two different WAN connections for specific applications.

          Mick

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy