4. Multi WAN and Multi LAN issue.

Multi WAN and Multi LAN issue.

  • E

    I have 5 LAN Subnets and I have 2 WAN Connections.  I am using PFSense 2.0 Release.  I have setup the group to failover to our second WAN Connection.  I have also setup the Rules to reflect this Gateway.  However I cannot communicate between LAN Subnets.  If I change he gateway in the rules back the default it works just fine.  Am I missing something?  Any help would be greatly appreciated.  I would like to be able to failover my outbound traffic to my second WAN on all LAN Subnets.

    0

  • Pfsense is doing what you told 'him' to do. Route everything allowed to fail-over.

    To Fix your problem, create a rule before Gw one allowing traffic between lan interfaces with default Gw.

    0
  • E

    @marcelloc:

    Pfsense is doing what you told 'him' to do. Route everything allowed to fail-over.

    To Fix your problem, create a rule before Gw one allowing traffic between lan interfaces with default Gw.

    When I do that.  Now the the Failover doesn't work.  Doesn't your Rule suggestion completely override the GW Failover one?

    Thanks For your help.

    0

  • On each lan interface:
    First rule -> permit lan_x subnet to lan subnets(alias) with default Gw
    Second rule -> permit lan_x subnet to internet failover Gw

    Did you got it?

    0
  • E

    @marcelloc:

    On each lan interface:
    First rule -> permit lan_x subnet to lan subnets(alias) with default Gw
    Second rule -> permit lan_x subnet to internet failover Gw

    Did you got it?

    Thank you.  I misread your previous post and put LAN to Any default GW.  I change that to the other LAN2 Subnet and that worked great.

    0
  • P

    @marcelloc:

    On each lan interface:
    First rule -> permit lan_x subnet to lan subnets(alias) with default Gw
    Second rule -> permit lan_x subnet to internet failover Gw

    Did you got it?

    Hi marcelloc,

    I am sorry but I am having the same gateway/rule issue but "I don't got it".

    Configuration;
    2.0-Rel
    5 interfaces bridged as one subnet
    3 ISP WANs grouped at tier one level

    System:Advanced:Firewall and NAT;
    Disable reply-to on WAN rules = Disabled (checked)

    System:Advanced:System Tunables;
    net.link.bridge.pfil_onlyip  = 0
    net.link.bridge.pfil_member = 0
    net.link.bridge.pfil_bridge =1

    System:Gateways:EditGateway
    Monitor: verified
    Weight: set and verified
    Latency: set and verified
    Loss: set and verified

    All the hardware is running correctly and pfSense behaves as advertised.

    Depending upon which Gateway is used in the rules (DG or Group) either the subnet OR the gateway become unreachable.

    I simply need to group 5 interfaces into one subnet and use the a "Group" gateway to load balance across the WANs.

    Can you help with some rule ideas?  I have tried everything.

    Thank you

    0

  • The basic idea is create a rule to permit traffic between interfaces without any gateway.

    Test this first and then create rules that forces a gateway.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy