5. Failover to 3G problems

Failover to 3G problems

  • E

    Hallo.
    I want to use my 3g modem as failover to my adsl line, but can't getting it to work.
    Under interfaces / PPPs i have added my 3g modem. I can see under interfaces that the 3g modem getting an external ip, so i guess that it's ok.
    Under System / Routing i have 2 gateways :

    3G                 WAN2        10.64.64.0     195.67.199.28                 Interface 3G Dynamic Gateway
    WAN (default) WAN 90.XXX.XXX.XXX  195.67.199.27                 Interface WAN Dynamic Gateway

    And under System / Routing / Groups

    FailOver 3G          Tier2
                    WAN      Tier1

    Under Status / Gateways i see this:

    3G 10.64.64.0 195.67.199.28    Online                Interface 3G Dynamic GatewayOnline

    WAN 90.xxx.xxx.x 195.67.199.27    Online                Interface WAN Dynamic GatewayOnline

    Under Firewall / Rules / LAN i have 3 rules

    ID Proto  Source Port     Destination Port Gateway Queue Schedule Description

    *           *        *        LAN Address  22        *            *                          Anti-Lockout Rule
                                                                            80
                                                                          443
              *            LAN net    *              *            *          *            None                      Default allow LAN
                                                                                                                                    to any rule

    *              *            *              *            *      FailOver      *

    I must miss something?. When i disable my adsl, my internet connection is lost

    Sorry for bad english.

    0

  • The rules are processed from top to down.
    If a rule catches, the rest below is never considered.
    Since you have an "allow all" rule above your rule using the balancer….. ;)

    0
  • E

    Thank you, now it's working :-)

    0
  • M

    @GruensFroeschli:

    The rules are processed from top to down.
    If a rule catches, the rest below is never considered.
    […]

    I thought it were the last matched rule to "win". I mean, the rules are all processed from top to down, the last rule matching the packet, catches it.
    So, what does the 'Apply the action immediately on match' in the rule editor do?

    I'm asking to clarify myself how pfsense works.

    Thanks

    0

  • On which page do you see this option?

    The only place i can find the string "Apply the action immediately on match" is for the trafficshaper.

    This is about firewall / NAT rules

    0
  • Rebel Alliance Developer Netgate

    @marcogi:

    @GruensFroeschli:

    The rules are processed from top to down.
    If a rule catches, the rest below is never considered.
    […]

    I thought it were the last matched rule to "win". I mean, the rules are all processed from top to down, the last rule matching the packet, catches it.
    So, what does the 'Apply the action immediately on match' in the rule editor do?

    I'm asking to clarify myself how pfsense works.

    Thanks

    Floating rules are different. Floating rules can either have quick checked to be top-down, or unchecked to be last-match-wins. Floating rules are not used by most people, and are mostly used for traffic shaping.

    On every other tab, the rules are processed top-down.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy