Wierd Routing or DNS Issue

  • Hello all:

    I am running pfsense with the following configuration:

    • two pfsense firewalls

    • three incoming internet connections

    • carp for high availability

    tennets LAN 172.16.xxx.xxx Route to Internal Networks  
    wilinegw WILINE 216.75.xxx.xxx WiLine Default Gateway  
    dsl1gw DSL1 75.42.xxx.xxx DSL1 Default Gateway  
    dsl2gw DSL2 99.60.xxx.xxx DSL2 Default Gateway

    Routes tennets - 172.16.xxx.xxx LAN Route to Internal Networks

    Gateway Groups (LoadBalanceGateways)
    DSL1GW Tier 1
    WILINEGW Tier 2
    DSL2GW Tier 3

    Everything works perfectly in the above configuration.  The problem is that we have now bumped up our WILINE connection to 15Mbs and I would like to make this the Tier 1 connection.  When I do this everything works perfectly save for one critical exception, I cannot get to www.nimblestorage.com host when WILINE is the primary outgoing connection using this:

    Gateway Groups (LoadBalanceGateways)
    WILINEGW Tier 1
    DSL1GW Tier 2
    DSL2GW Tier 3

    If either DSL1 OR DSL2 is primary the host can be pinged, SSH/HTTP all work.  As soon as I switch to WILINE as Tier 1 that host is unreachable.  Every other host on the internet seems to be reachable except for that one, there are zero firewall rules or NATs that reference this host.  I have verified the host is reachable outside of the firewall by name and IP address.  This is a real head scratcher, any ideas?  What more info can I provide?

  • First of all remove your public ip-addresses
    Have you taken packet capture if you try to ping or browse to that one location, via wiline.
    You can create a route to use another gateway if nothing else works

Log in to reply