1. Home
  2. pfSense® Software
  3. Routing and Multi WAN
  4. Multi WAN and Multi LAN issue.

Multi WAN and Multi LAN issue.

  • E

    I have 5 LAN Subnets and I have 2 WAN Connections.  I am using PFSense 2.0 Release.  I have setup the group to failover to our second WAN Connection.  I have also setup the Rules to reflect this Gateway.  However I cannot communicate between LAN Subnets.  If I change he gateway in the rules back the default it works just fine.  Am I missing something?  Any help would be greatly appreciated.  I would like to be able to failover my outbound traffic to my second WAN on all LAN Subnets.

    0
  • marcelloc

    Pfsense is doing what you told 'him' to do. Route everything allowed to fail-over.

    To Fix your problem, create a rule before Gw one allowing traffic between lan interfaces with default Gw.

    0
  • E

    @marcelloc:

    Pfsense is doing what you told 'him' to do. Route everything allowed to fail-over.

    To Fix your problem, create a rule before Gw one allowing traffic between lan interfaces with default Gw.

    When I do that.  Now the the Failover doesn't work.  Doesn't your Rule suggestion completely override the GW Failover one?

    Thanks For your help.

    0
  • marcelloc

    On each lan interface:
    First rule -> permit lan_x subnet to lan subnets(alias) with default Gw
    Second rule -> permit lan_x subnet to internet failover Gw

    Did you got it?

    0
  • E

    @marcelloc:

    On each lan interface:
    First rule -> permit lan_x subnet to lan subnets(alias) with default Gw
    Second rule -> permit lan_x subnet to internet failover Gw

    Did you got it?

    Thank you.  I misread your previous post and put LAN to Any default GW.  I change that to the other LAN2 Subnet and that worked great.

    0
  • P

    @marcelloc:

    On each lan interface:
    First rule -> permit lan_x subnet to lan subnets(alias) with default Gw
    Second rule -> permit lan_x subnet to internet failover Gw

    Did you got it?

    Hi marcelloc,

    I am sorry but I am having the same gateway/rule issue but "I don't got it".

    Configuration;
    2.0-Rel
    5 interfaces bridged as one subnet
    3 ISP WANs grouped at tier one level

    System:Advanced:Firewall and NAT;
    Disable reply-to on WAN rules = Disabled (checked)

    System:Advanced:System Tunables;
    net.link.bridge.pfil_onlyip  = 0
    net.link.bridge.pfil_member = 0
    net.link.bridge.pfil_bridge =1

    System:Gateways:EditGateway
    Monitor: verified
    Weight: set and verified
    Latency: set and verified
    Loss: set and verified

    All the hardware is running correctly and pfSense behaves as advertised.

    Depending upon which Gateway is used in the rules (DG or Group) either the subnet OR the gateway become unreachable.

    I simply need to group 5 interfaces into one subnet and use the a "Group" gateway to load balance across the WANs.

    Can you help with some rule ideas?  I have tried everything.

    Thank you

    0
  • marcelloc

    The basic idea is create a rule to permit traffic between interfaces without any gateway.

    Test this first and then create rules that forces a gateway.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy