LAN traffic to specific IPs use WAN1 not WAN2?



  • I’m having issues getting all traffic going to specific IPs from LAN to go through WAN2. I am on a 2wan>1lan setup.

    WAN1-firewall rules
    ---------------
    action:block
    interface:wan
    protocol tcp/udp
    source:any
    destination:network xx.xx.xx.0/24
    destination port range: Blank

    WAN2-firewall rules

    action:pass
    interface:wan2
    protocol tcp/udp
    source:any
    destination:network xx.xx.xx.0/24
    destination port range: Blank

    I have made one of these rules for every IP I needed for WAN1 Block and WAN2 PASS

    It looks like the rules are getting ignored and there is no traffic going to wan2 which I want to use specifically for voip. That is all. Do I need to do something else?



  • That’s not how you do it. Create a firewall rule on the LAN interface and specify the destination IP address you want to force through WAN2. Then at the bottom of the page use the advanced gateway settings to choose WAN2’s gateway. This rule should have a higher priority than the LAN->* rules that go through WAN1. There’s no need for any WAN rules or to block anything on the LAN rules.



  • Thank you for clearing that for me. Everything is working great.

    *I did simulate WAN2 going down and all programs and traffic using WAN2 stopped working. Do I need to create rules below the ones I created to push traffic back to WAN1 in case WAN2 goes down?



  • When you select a gateway in your LAN rule you’re creating policy routing with no load balancing or failover. If you want those things you have to go to System: Gateway Groups as per the howto:

    http://doc.pfsense.org/index.php/Multi-WAN_2.0#Gateway_Groups
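
The two answers above, as an added example that is not part of the original thread and is not pfSense code: a simplified Python model of first-match rule evaluation on the ingress interface, a per-rule gateway, and a tiered gateway group. The gateway and group names, the tier layout, and the 203.0.113.0/24 destination are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed sample data: gateway/group names and 203.0.113.0/24 (documentation
# range standing in for the VoIP provider) are assumptions, not from the thread.
VOIP = "203.0.113.0/24"
ANY = "0.0.0.0/0"
GATEWAY_GROUPS = {"VOIP_FAILOVER": [["WAN2GW"], ["WAN1GW"]]}  # tier 1, then tier 2

@dataclass
class Rule:
    interface: str                 # interface the packet enters the firewall on
    destination: str               # CIDR
    action: str = "pass"
    gateway: Optional[str] = None  # None = default route (WAN1 here)

def pick_gateway(name, up, default="WAN1GW"):
    """Resolve a rule's gateway setting to a live gateway, or None."""
    tiers = GATEWAY_GROUPS.get(name, [[name or default]])  # lone gateway = one tier
    for tier in tiers:                                      # lowest tier preferred
        live = [gw for gw in tier if gw in up]
        if live:
            return live[0]
    return None

def route(rules, in_iface, dst, up):
    """First matching rule on the ingress interface decides; no match = blocked."""
    for rule in rules:
        if rule.interface == in_iface and ip_address(dst) in ip_network(rule.destination):
            if rule.action != "pass":
                return "blocked"
            return pick_gateway(rule.gateway, up) or "no live gateway"
    return "blocked"

# 1) Rules from the first post: they sit on WAN/WAN2, so LAN-originated traffic
#    never reaches them and falls through to the default LAN rule.
ORIGINAL = [Rule("wan", VOIP, "block"), Rule("wan2", VOIP), Rule("lan", ANY)]
# 2) Policy routing: LAN rule with WAN2's gateway, above the default LAN rule.
POLICY = [Rule("lan", VOIP, gateway="WAN2GW"), Rule("lan", ANY)]
# 3) Same rule pointed at a gateway group, so WAN1 takes over if WAN2 is down.
FAILOVER = [Rule("lan", VOIP, gateway="VOIP_FAILOVER"), Rule("lan", ANY)]

if __name__ == "__main__":
    both = {"WAN1GW", "WAN2GW"}
    for label, rules in (("original", ORIGINAL), ("policy", POLICY), ("failover", FAILOVER)):
        print(label, route(rules, "lan", "203.0.113.10", both),
              route(rules, "lan", "203.0.113.10", {"WAN1GW"}))
```
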



  • Worked great. Thank you very much for the help 😄

