4. Routing Back to internal subnet gateway

Routing Back to internal subnet gateway

  • ?

    Hi,

    I've a network configuration as follows

    WAN –--(GW1)Pfsense----172.27.25.0/24----GW2(Router)---10.0.0.0/8

    In this configuration GW1(pfesense) is the default Gateway, so when a user in network 172.27.25.0/24 ask for a destination on network 10.0.0.0/8 goes to GW1.

    So my question is, How can I redirect all the traffic from lan 172.27.25.0/24 to subnet 10.0.0.0/8, to GW2?

    I define a the GW2 in pfsense, and create a static route to subnet 10.0.0.0/8 using the GW2, but it doesn't work

    thanks for your help

    0
  • P

    The firewall is probably blocking it. You have 2 options, create a rule to allow the traffic (from 10.0.0.0/8) or go into the advanced firewall option and enable the static route filtering (Bypass firewall rules for traffic on the same interface).

    0
  • ?

    Thanks for your soon answer, I did't it, in System/Advanced/Firewall/Nat and check "Static route filtering" I try a tracert, but it tries to pass the traffic to WAN.

    Additional information, I've configured Multiwan y Squid on Pfsense, but I think this must not be a problem, i think is only a routing problem

    Tracing route to 10.0.0.21 over a maximum of 30 hops
      1    *        *        *    Request timed out. (pfsense)
      2    12 ms    12 ms    11 ms  198.50.1.25 (This an ISP address)
      3    *        *        *    Request timed out.

    But must be:
    Tracing route to 10.0.0.21 over a maximum of 30 hops:

    1    1 ms    <1 ms    <1 ms  172.27.25.1 (GW2)
      2    1 ms    1 ms    1 ms  10.0.0.21

    0
  • P

    If you have multiwan, try setting a rule above the default rule to allow anything from 10.0.0.0/8 to LAN subnet use GW2 and then another rule to allow LAN subnet to 10.0.0.0/8 on GW2. Make sure these are above the rules you already have.

    0
  • ?

    Still Not working, in the images bellow is what I've done

    1.- Create the gateway
    2.- Define the Routes
    3.- Define the Rules
    4.- Select the Static Route Filtering option

    But I think is not a problem with Rules, is a problem with routes, when I look for an address that is in different GW, the router must redirect me to this other GW, as I'm in the same interface as GW2, the firewall has nothing to do, but the router function must redirect me to the right GW, so I'm a little confused with this. I've attached my network diagram to be more clear of what I want, the user wants to access the server, and the user default gateway is GW1 and server is behind GW2







    ![Static Route Filtering.png](/public/imported_attachments/1/Static Route Filtering.png)
    ![Static Route Filtering.png_thumb](/public/imported_attachments/1/Static Route Filtering.png_thumb)

    0
  • P

    Most with multiwan have to also use policy routing to accomplish what you want. How are your other rules setup? Are they not going to a gateway pool for multiwan?

    0
  • A

    I've re install everything, then first I define the Gateway and Route to internal subnets (Servers behind a different LAN Router), and works perfect with 1 LAN and 2 WAN (no special rules), but as soon as I modify the LAN Rule changing gateway to Multiwan it stops working. Then I add two rules, over default lan Rule to/from servers Subnet, and is working again.

    Later I will try enabling squid.

    ![Lan rule to Subnet.png](/public/imported_attachments/1/Lan rule to Subnet.png)
    ![Lan rule to Subnet.png_thumb](/public/imported_attachments/1/Lan rule to Subnet.png_thumb)

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy