Routing Back to internal subnet gateway

Guest

Hi,

I've a network configuration as follows

WAN –--(GW1)Pfsense----172.27.25.0/24----GW2(Router)---10.0.0.0/8

In this configuration GW1(pfesense) is the default Gateway, so when a user in network 172.27.25.0/24 ask for a destination on network 10.0.0.0/8 goes to GW1.

So my question is, How can I redirect all the traffic from lan 172.27.25.0/24 to subnet 10.0.0.0/8, to GW2?

I define a the GW2 in pfsense, and create a static route to subnet 10.0.0.0/8 using the GW2, but it doesn't work

thanks for your help

podilarius

The firewall is probably blocking it. You have 2 options, create a rule to allow the traffic (from 10.0.0.0/8) or go into the advanced firewall option and enable the static route filtering (Bypass firewall rules for traffic on the same interface).

Guest

Thanks for your soon answer, I did't it, in System/Advanced/Firewall/Nat and check "Static route filtering" I try a tracert, but it tries to pass the traffic to WAN.

Additional information, I've configured Multiwan y Squid on Pfsense, but I think this must not be a problem, i think is only a routing problem

Tracing route to 10.0.0.21 over a maximum of 30 hops
1 * * * Request timed out. (pfsense)
2 12 ms 12 ms 11 ms 198.50.1.25 (This an ISP address)
3 * * * Request timed out.

But must be:
Tracing route to 10.0.0.21 over a maximum of 30 hops:

1 1 ms <1 ms <1 ms 172.27.25.1 (GW2)
2 1 ms 1 ms 1 ms 10.0.0.21

podilarius

If you have multiwan, try setting a rule above the default rule to allow anything from 10.0.0.0/8 to LAN subnet use GW2 and then another rule to allow LAN subnet to 10.0.0.0/8 on GW2. Make sure these are above the rules you already have.

Guest

Still Not working, in the images bellow is what I've done

1.- Create the gateway
2.- Define the Routes
3.- Define the Rules
4.- Select the Static Route Filtering option

But I think is not a problem with Rules, is a problem with routes, when I look for an address that is in different GW, the router must redirect me to this other GW, as I'm in the same interface as GW2, the firewall has nothing to do, but the router function must redirect me to the right GW, so I'm a little confused with this. I've attached my network diagram to be more clear of what I want, the user wants to access the server, and the user default gateway is GW1 and server is behind GW2

GW2.png_thumb

Routes.png_thumb

Rules.png_thumb
![Static Route Filtering.png](/public/imported_attachments/1/Static Route Filtering.png)
![Static Route Filtering.png_thumb](/public/imported_attachments/1/Static Route Filtering.png_thumb)

Network_Config.jpg_thumb

podilarius

Most with multiwan have to also use policy routing to accomplish what you want. How are your other rules setup? Are they not going to a gateway pool for multiwan?

afrugone

I've re install everything, then first I define the Gateway and Route to internal subnets (Servers behind a different LAN Router), and works perfect with 1 LAN and 2 WAN (no special rules), but as soon as I modify the LAN Rule changing gateway to Multiwan it stops working. Then I add two rules, over default lan Rule to/from servers Subnet, and is working again.

Later I will try enabling squid.

![Lan rule to Subnet.png](/public/imported_attachments/1/Lan rule to Subnet.png)
![Lan rule to Subnet.png_thumb](/public/imported_attachments/1/Lan rule to Subnet.png_thumb)