Two LANs, two WANs, allow traffic through only one WAN from LAN2

  • Hi all,

    I have a setup that should be pretty basic, but I'm struggling to make it work as I'd like.

    I have configured pfSense (2.0 Release) with two WANs (WAN1 and WAN2); they are in an interface group that is configured to do failover (if the primary WAN1 goes down, WAN2 is used - this works).
    There are two LANs (LAN1 and LAN2).

    This is what I want to achieve:

    * LAN1 should be able to use both WAN1 and WAN2 (if WAN1 goes down the traffic should go through WAN2).
    * LAN2 should only be able to use WAN1 (not WAN2 if WAN1 goes down).

    The background for this is that WAN2 has a volume-based cost, so more traffic gives higher cost, so only traffic from prioritized clients on LAN1 should be allowed to use WAN2.

    This is what I have done:

    * Configured a rule for LAN1 where source is LAN1 net and allowing any traffic through the gateway group.
    * Configured a rule for LAN2 where source is LAN2 net and allowing any traffic through the WAN1 gateway.

    This is the problem:

    * When I pull out the WAN1 cable (so that it uses WAN2 only) I am not able to get any traffic through, DNS is not working.

    Is this setup possible to achieve in some way? Can you see what is wrong with this setup?

    Thanks in advance for any help regarding this.


  • Have you enabled default gateway switching under System/Advanced/Miscellaneous?

  • No, is that required to make it work? Will try that tomorrow. Thanks.

  • It seems to work now without turning that feature on. Just had to restart the pfSense box :-)

