Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem accessing some websites with multi wan enabled

    Scheduled Pinned Locked Moved Routing and Multi WAN
    5 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      Ozzik
      last edited by

      Hi,
      probably this issue has already been discussed, but I couldn't find it.
      Since sticky connections don't really work (at least in 1.2.3) I was wondering how can I access some websites while in Multi Wan.
      Such sites include ebay, technet.microsoft, newegg. Just to clarify - I'm not talking about HTTPS, just regular HTTP.
      When I try accessing them - they never end loading. I tried creating an alias for such websites and then directing them all to go through a particular gateway. This way it seems to work. But of course it's not very realistic - adding all the IPs of such huge websites.
      Is there a solution for this issue? I'm sure lots of people experiencing this.

      I'm aware of the solution, when each LAN subnet can be routed through a different gateway, but it's not very realistic for me today.

      And another question, is there a way to add a hostname to an alias instead of an IP? (so that the firewall would do the resolving).

      Thanks.

      1 Reply Last reply Reply Quote 0
      • P
        Perry
        last edited by

        I use failover pools as I don't see the point for using loadbalancing pools unless a download manager is in play.
        I've created two failover pools (WAN2 has a faster download than WAN)
        WAN2FailsToWAN Using a port alias with http https etc. (80, 443, 6667, 1935, 25, 143, 465, 993, 587)
        WANFailsToWAN2 Doing everything else.

        And another question, is there a way to add a hostname to an alias instead of an IP? (so that the firewall would do the resolving).

        Nope

        /Perry
        doc.pfsense.org

        1 Reply Last reply Reply Quote 0
        • O
          Ozzik
          last edited by

          OK, I know it's an option, but most of the traffic at my office is HTTP and HTTPS. We have 3 x 10Mb lines and I'd like to use all of them, as we have about a 100 users surfing the net all day long.

          1 Reply Last reply Reply Quote 0
          • P
            Perry
            last edited by

            Let's say there is 20 users in 5 subnet's. I would split those 20 users in a subnet to 3 groups

            Subnet 1:
            User range 192.168.1.2-6 with a destination port alias (http and https) gateway WAN2FailsToWAN
            User range 192.168.1.7-16 with a destination port alias (http and https) gateway WAN3FailsToWAN
            User range 192.168.1.17-21 with a destination port alias (http and https) gateway WAN2FailsToWAN
            WANFailsToWAN3 Doing everything else

            Subnet 2:
            User range 192.168.2.2-6 with a destination port alias (http and https) gateway WAN3FailsToWAN
            User range 192.168.2.7-16 with a destination port alias (http and https) gateway WAN2FailsToWAN
            User range 192.168.2.17-21 with a destination port alias (http and https) gateway WAN3FailsToWAN
            WANFailsToWAN2 Doing everything else

            /Perry
            doc.pfsense.org

            1 Reply Last reply Reply Quote 0
            • O
              Ozzik
              last edited by

              I see. I was hoping for something more automatic, but I guess I'll have to wait for 2.0 and pray that sticky connection will work there. Anyway, thanks a lot! I'll keep that in mind.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.