Multiple connections to different servers using the same port number



  • I could not find an answer as to whether this is possible or not. I want to set up a pfSense server to connect to port 119 over different WANs.

    My question goes:

    I have newsleecher (a newsgroups program on a Win XP PC) that makes a connection to different servers (all have their own IP), all over port 119. I want pfSense to hard-code the route of each connection to a server over a different WAN. So pfSense must see where I connect to (IP address or URL name, e.g. 132.0.0.1 or 142.0.0.1 or binaries.newsplanet.com) and route accordingly over the specified WAN.

    Is this possible? And if so, how?

    Thank you all in advance for answering.

    I have a P4 1.7GHz with 768MB of RAM, this should do for 3 WANs (8Mbit, 3Mbit, 3Mbit), right?

    Topology:

    Newsserver 1        Newsserver 2        Newsserver 3
    132.0.0.1           142.0.0.1           152.0.0.1
        |                   |                   |
        |                   |                   |
        |                   |                   |
        |                   |                   |
    ----------------------------------------------------
    Wan1 (DSL)          Wan2 (Wlan)         Wan3 (Wlan)

    PFSense (P4 1.7GHz)
                        10.0.0.0
    ----------------------------------------------------
                            |
                            |
                            |
    ----------------------------------------------------
                        10.0.0.2
                        ClarkConnect (I need this for server and other stuff)
                        192.168.1.0
    ----------------------------------------------------
                            |
                            |
                            |
    ----------------------------------------------------
                        192.168.1.193
                        PC (connecting to port 119)
    ----------------------------------------------------

    Greetings Lampie



  • You have to create a bunch of firewall rules. I recommend using hosts-aliases (like wan1dst, wan2dst,…) to keep the amount of rules low.

    Create a firewall rule at interfaces>lan like:
    pass, proto tcp, source any, destination <wanxdst>, port <119>, gateway <wanx>.

    Make sure these rules are above other load-balancing rules. Rule order is important to make this work correctly.



  • Thank you hoba for responding to my question.
    What do you mean by "I recommend using hosts-aliases (like wan1dst, wan2dst,…) to keep the amount of rules low"? How does working with them result in fewer rules? If I take 132.0.0.1 or Wan1dst, that shouldn't matter?

    Please explain :)

    Greetings xander



  • Let's say you have a bunch of IPs that always should be routed through WAN1 (111.111.111.111, 123.123.123.123, 231.244.22,…), you could create a hosts-alias and add all these IPs to this alias. If you then use this alias in a firewall rule as destination, you only need 1 firewall rule instead of having one firewall rule per IP. The same mechanism works for ports-aliases or networks-aliases. Also, it might be more descriptive to have an alias for an IP instead of having the IP. Another advantage is, if this alias is referenced by a firewall rule and a NAT rule for example, you only have to change the alias definition and all settings that reference this alias will be changed too.
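
Added example (not part of the thread and not pfSense code): a small Python model of the advice above, with one alias-based rule per WAN on port 119 and top-to-bottom, first-match evaluation, to show why the policy rules must sit above the load-balancing rule. The alias contents use the addresses from the question; the `LOADBALANCE` gateway name, the rule dictionaries and `pick_gateway` are hypothetical.

```python
import ipaddress

# Constructed alias table (what Firewall > Aliases would hold), using the
# server addresses from the question. One alias can list many hosts.
ALIASES = {
    "wan1dst": ["132.0.0.1"],
    "wan2dst": ["142.0.0.1"],
    "wan3dst": ["152.0.0.1"],
}

def rule(dst, port, gateway):
    """One LAN pass rule: destination alias (or 'any'), port (None = any), gateway."""
    return {"dst": dst, "port": port, "gateway": gateway}

# Rule order as recommended: specific policy rules first, balancer last.
POLICY_FIRST = [
    rule("wan1dst", 119, "WAN1"),
    rule("wan2dst", 119, "WAN2"),
    rule("wan3dst", 119, "WAN3"),
    rule("any", None, "LOADBALANCE"),  # hypothetical gateway pool name
]
# Misordered variant: the catch-all balancer rule sits on top.
BALANCER_FIRST = [POLICY_FIRST[-1]] + POLICY_FIRST[:-1]

def dst_matches(dst, ip):
    """True if ip falls inside any host or network listed in the alias."""
    if dst == "any":
        return True
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(entry, strict=False)
               for entry in ALIASES[dst])

def pick_gateway(rules, dst_ip, dst_port):
    """Return the gateway of the first matching rule, or None if nothing passes."""
    for r in rules:
        if r["port"] not in (None, dst_port):
            continue
        if dst_matches(r["dst"], dst_ip):
            return r["gateway"]
    return None

if __name__ == "__main__":
    for name, rules in (("policy first", POLICY_FIRST),
                        ("balancer first", BALANCER_FIRST)):
        for ip in ("132.0.0.1", "142.0.0.1", "152.0.0.1"):
            print(f"{name:15} {ip}:119 -> {pick_gateway(rules, ip, 119)}")
```

With the balancer rule on top, every NNTP connection matches it first and the per-WAN rules are never reached.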



  • Wowww :0 That's freaking handy :) I know the hosts file in Windows, so this works the same way. Interesting… Where can I edit these files, is there a tutorial on this?

    Thank you sincerely



  • It's not a file. It's just firewall>aliases in the webgui. You can use aliases in all input fields with red backgrounds.

