    Problem or my mistake..? Policy based Routing 2.0-RC3 [Aug 18, 19:09:20, 2011]

    2.0-RC Snapshot Feedback and Problems - RETIRED
    • B
      brickone last edited by

      Hi,

      I have had some problems with policy based routing via a static route.

      I have configured an additional gateway and set a static route to a remote network in pfSense. To get this route working I have added a firewall rule in the LAN tab to direct the traffic for the remote network to the static route.

      When I set the gateway in Advanced features to the additional gateway (policy based routing), the connection becomes very unstable (SSH connections are disconnected after a few seconds, MySQL connections are lost…).

      But when I set (leave) the gateway configured to default, the system routing table is used and the connection is stable without any connection losses or disconnects.

      My problem is solved now, but I want to know if there is a bug in policy based routing or if I have misunderstood something.

      Thanks,

      brick1

      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        You do not need policy-based routing for static routes.

        You may have introduced some kind of asymmetric routing in the process, especially if that other network is reached via an IP on the same network where the client is.

        With the gateway as default, the firewall will send back an ICMP redirect and the client will talk directly to the other router. With PBR, the firewall will try to forward it there on its own.

        You probably also want to go to System > Advanced on the Firewall/NAT tab and check the box to bypass firewall rules for directly connected networks.

        1 Reply Last reply Reply Quote 0
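The path asymmetry described in the reply above, modelled as an added example (not code from the thread or from pfSense). All addresses, and the transit-network case used for contrast, are constructed assumptions.

```python
import ipaddress

# Constructed topology (assumption for illustration, not from the thread).
FIREWALL = ipaddress.ip_address("192.168.1.1")        # clients' default gateway
CLIENT = ipaddress.ip_address("192.168.1.50")
LAN = ipaddress.ip_network("192.168.1.0/24")
ROUTER_ON_LAN = ipaddress.ip_address("192.168.1.254")  # next hop inside the client LAN
ROUTER_TRANSIT = ipaddress.ip_address("172.16.0.2")    # next hop on a separate link
TRANSIT_NET = ipaddress.ip_network("172.16.0.0/30")


def forward_path(client, firewall, router, pbr, redirect_learned=False):
    """Hops for client -> remote network, up to the other router."""
    if not pbr and redirect_learned:
        # Client accepted the ICMP redirect and now uses the router directly.
        return [client, router]
    # PBR (or the first packet before a redirect): the firewall forwards it itself.
    return [client, firewall, router]


def return_path(client, firewall, router, router_net):
    """Hops for the reply, from the other router back to the client."""
    if client in router_net:
        # Router shares the client's subnet, so it delivers on-link.
        return [router, client]
    # Router is on a separate network: replies come back through the firewall.
    return [router, firewall, client]


def is_asymmetric(fwd, ret, firewall):
    """True when the firewall sees only one direction of the flow."""
    return (firewall in fwd) != (firewall in ret)


def check(router, router_net, pbr, redirect_learned=False):
    fwd = forward_path(CLIENT, FIREWALL, router, pbr, redirect_learned)
    ret = return_path(CLIENT, FIREWALL, router, router_net)
    return is_asymmetric(fwd, ret, FIREWALL)


if __name__ == "__main__":
    print("PBR, router on client LAN:     ", check(ROUTER_ON_LAN, LAN, pbr=True))
    print("default, first packet:         ", check(ROUTER_ON_LAN, LAN, pbr=False))
    print("default, after ICMP redirect:  ",
          check(ROUTER_ON_LAN, LAN, pbr=False, redirect_learned=True))
    print("PBR, router on transit network:", check(ROUTER_TRANSIT, TRANSIT_NET, pbr=True))
```

With the next hop inside the client LAN, PBR keeps every outbound packet on the firewall while no reply passes through it; the default-gateway case is asymmetric only until the client honours the redirect.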