Accessing HTTPS site with Load Balancing



  • Hi There

    I might be posting this is in the wrong forum….

    I am very very new to PF sense(and networking) and I am still figuring it out...

    I have a 1 LAN multiple WAN setup that was done in my office. Load balancing through both WANS via Round Robin.

    Some of my users have a problem with accessing a specific Bank site.

    I contacted the Bank and they told me that it is because of load balancing. They asked me to route traffic to a specific subnet on only one IP address. How do I set a rule on PF sense that all traffic going to a specific subnet should go through WAN1 only and should not go through WAN2?

    Thanx



  • Try with sticky connections first to have some automatic failover (System: Advanced: Miscellaneous: Load Balancing)



  • You can create an Alias for the subnet and then a LAN rule with destination the subnet and gateway one of your WANs.

    However, there aw several sites that this trick will not work, I do not know why. I have tried with sticky connections, failover groups instead of load balancing or the method above, but no luck.

    I need one answer to this myself as well.

    Best regards

    Kostas



  • @costasppc:

    However, there aw several sites that this trick will not work, I do not know why. I have tried with sticky connections, failover groups instead of load balancing or the method above, but no luck.

    With fail-over it should work, I can't think of a reason why it wouldn't.

    Which sites have you had trouble with?



  • Thank you.

    I do not want to hijack this thread, though.

    There is a site for ecommerce tat we buy computer parts, which works with partner accounts. While logged in, we get kicked out, and they told us that it happens because the wan ip has changed. It should not be happening right? I check the Firewall logs when we access this URL, and pfsense uses the rules we created for this specific URL.
    How can we check if it it changing WANs?

    Bet regards

    Kostas


Log in to reply