NAT (Port Forwarding) and web failover

skipper · Feb 28, 2012, 7:35 PM

thnx for your help man!
this is my network a bit more detailed,
i have tried to put different interfaces and IPs on the outbound configuration but the traffic goes still to my wan :/
now i put vpnsitetosite as interface and source any but it doesn't work.
what should the destination be? is there something else that i need to define? create a new gateway or something like that?

marcelloc · Feb 28, 2012, 9:03 PM

Try to go to console and do some package capture to find what interface pfsense is using to send traffic to remote host.

skipper · Feb 28, 2012, 9:16 PM

the request is going from vpnsitetosite–>webslavelan-->webslave
and the reply is going from webslave-->webslavelan-->wan
i need to send it back to vpnsitetosite interface

marcelloc · Feb 28, 2012, 9:17 PM

Can you select vpn interface on outgoing nat rule?

skipper · Feb 28, 2012, 9:19 PM

i can select OpenVPN but not the specific vpn interface.
do i need to create a virtual IP, a rule to 1:1, or something additional?
i have tried many combinations for the outbound rule but the http replies are keep going to the wan interface :/

marcelloc · Feb 29, 2012, 1:57 PM

What you get when you select openvpn as interface on outbound nat for this server?

If you can't do it with load balance, consider using a reverse proxy like (varnish,squid-reverse,apache+mod_security)

skipper · Feb 29, 2012, 2:07 PM

i get the same, nothing changes if i select openvpn as interface.
i will try to find another solution as it seems that what i am trying to do it's not possible with load balance.
thnx for your help!