Set a specific IP address to a specific WAN

darkknight · Sep 4, 2012, 4:14 PM

Hi everyone!

As my profile said, I'm newbie even on pfSense ;D
I'd like to set an IP to go out to a specific WAN. I have two links and some IP addresses will go out to a dedicated link.

I can imagine that's easy to do, but I had some trouble to configure the firewall and I can't mess it up.

Thanks, sorry the English.

stephenw10 · Sep 4, 2012, 7:02 PM

It's quite easy. It's referred to as policy based routing.

Make a firewall rule on the LAN interface where the specific IP resides.
Set the rule to, source: The IP you want to route and then set the gateway to whichever WAN you want to use.

See attached example from my box. Here I route all traffic from clients in my Wifi2 subnet with destination 'somewhere on the internet' via WAN2.

Steve

darkknight · Sep 5, 2012, 2:46 PM

Hi, thanks for replying.

So, it didn't work. And I just access the internet if one of my gateway is set to default gateway.

heper · Sep 5, 2012, 4:37 PM

show us some screenshots of them firewall rules

marvosa · Sep 6, 2012, 7:13 AM

Under Firewall -> Rules -> LAN tab:

The default rules should look like:

Next to your default allow rule:

click on the "+" sigh that says "add new rule based on this one"
change source type from "LAN subnet" to "Single host or alias" then enter the host IP in the address bar
in the "Advanced features" section, next to "Gateway", click on the "Advanced" button , select a WAN link, then click save
move the new rule above the default allow rule
click "Apply changes"

and you will end up like this:

In this example, 192.168.0.10 will go out WAN2 while everything else goes out the default gateway.

stephenw10 · Sep 6, 2012, 7:29 AM

Looks like I failed to mention that the policy based rule must go above the default rule in order to catch packets first.

Steve