Dual WAN / Split Access
-
Hi,
I'm new to pfSense and have a question regarding routing and 2 ISPs. Outbound traffic is fine; my problem occurs when I access an OpenVPN server on my DMZ remotely. If I connect via ISP1, which is also the OVPN's default gateway, it works. If I connect via ISP2 it fails because ISP1's FW is still the default gateway.
I can't change this behaviour because of the limitations of the OS, so I was going to put an "Intelligent" router between the ISP1/2 firewalls and the OVPN server, so whichever ISP the OVPN server was contacted via it could respond via the same route.
My question is, can pfSense do this? Linux Router Pro can but doesn't support my ageing PCMCIA cards I want to use. It uses iproute2 and the scenario is described in section 4.2.1 http://www.wifi.com.ar/english/doc/network/multiple-upstream-balancing-howto.html
Thanks,
Tony
-
Actually, I think that should work: as the connection is initiated from the outside and NATed to the inside, the answer should go out the same WAN the request came in (sticky state). Give it a try and report back.
-
Hi,
I do have it set up as described in my post and it doesn't work. If I manually change the default gateway on the OVPN server I can connect through either ISP (not at the same time though).
An Ethereal trace shows that the arriving packet has a real IP address 86.1.x.x and when the OVPN server responds it sends the reply via its default gateway, which may or may not be the originating one.
Tony
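
Added example, not part of the original thread: a small Python model of the behaviour discussed above, where a reply follows the default gateway unless the router remembers which upstream each connection arrived on. The `Router` class, addresses and source ports are constructed for illustration and are not pfSense or iproute2 code.

```python
from dataclasses import dataclass, field

DEFAULT_GW = "ISP1"            # the default gateway, as in the thread
SERVER = ("10.0.0.10", 1194)   # constructed DMZ address, OpenVPN default port

@dataclass
class Router:
    """Hypothetical router between the two ISP firewalls and the server."""
    track_ingress: bool                      # False = plain default-route forwarding
    states: dict = field(default_factory=dict)

    def inbound(self, src, sport, dst, dport, ingress):
        # Client -> server: record which upstream the flow arrived on.
        if self.track_ingress:
            self.states[(src, sport, dst, dport)] = ingress

    def outbound(self, src, sport, dst, dport):
        # Server -> client: look up the reversed tuple; with no matching
        # state the reply simply follows the default gateway.
        return self.states.get((dst, dport, src, sport), DEFAULT_GW)

def reply_paths(router, flows):
    """Return {(client, ingress): (egress, symmetric?)} for each flow."""
    result = {}
    for client, sport, ingress in flows:
        router.inbound(client, sport, *SERVER, ingress)
        egress = router.outbound(*SERVER, client, sport)
        result[(client, ingress)] = (egress, egress == ingress)
    return result

# Constructed sample flows: one client arriving through each ISP.
FLOWS = [("198.51.100.7", 40001, "ISP1"), ("203.0.113.9", 40002, "ISP2")]

if __name__ == "__main__":
    for label, tracking in (("default route only", False), ("per-flow state", True)):
        print(label)
        for (client, ingress), (egress, ok) in reply_paths(Router(tracking), FLOWS).items():
            status = "ok" if ok else "asymmetric, session fails"
            print(f"  {client} in via {ingress}, reply out via {egress}: {status}")
```
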