Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Dual WAN / Split Access

    Routing and Multi WAN
    2
    3
    3808
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      Horu last edited by

      Hi,

      I'm new to pfSense and have a question regarding routing and 2 ISPs. Outbound traffic is fine, my problem occurs when I access an OpenVPN server on my DMZ remotely. If I connect via ISP1, which is also the OVPN's default gateway, it works. If I connect via ISP2 it fails because ISP1's FW is stilll the default gateway.

      I can't change this behaviour because of the limitations of the OS, so I was gong to put an "Intelligent" router between the ISP1/2 firewalls and the OVPN server, so whichever ISP the OVPN server was contacted via it could respond via the same route.

      My question is, can pfSense do this? Linux Router Pro can but doesn't support my ageing PCMCIA cards I want t use. It uses iproute2 and the scenario is described in section 4.2.1 http://www.wifi.com.ar/english/doc/network/multiple-upstream-balancing-howto.html

      Thanks,

      Tony

      1 Reply Last reply Reply Quote 0
      • H
        hoba last edited by

        Actually I think that should work as the connection is initiated from the outside and nated to the inside the answer should go out the same WAN the request came in (sticky state). Give it a try and report back.

        1 Reply Last reply Reply Quote 0
        • H
          Horu last edited by

          Hi,

          I do have it setup as described in my post and it doesn't work. If I manually change the default gateway on the OVPN server I can connect through either ISP (not at the same time though).

          An Ethereal trace shows that the arriving packet has a real IP address 86.1.x.x and when the OVPN server responds it sends the reply to via its default gateway, which may or may not be originating one.

          Tony

          1 Reply Last reply Reply Quote 0
          • First post
            Last post