• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Set a specific IP address to a specific WAN

Scheduled Pinned Locked Moved General pfSense Questions
6 Posts 4 Posters 5.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    darkknight
    last edited by Sep 4, 2012, 4:14 PM

    Hi everyone!

    As my profile said, I'm newbie even on pfSense  ;D
    I'd like to set an IP to go out to a specific WAN. I have two links and some IP addresses will go out to a dedicated link.

    I can imagine that's easy to do, but I had some trouble to configure the firewall and I can't mess it up.

    Thanks, sorry the English.

    1 Reply Last reply Reply Quote 0
    • S
      stephenw10 Netgate Administrator
      last edited by Sep 4, 2012, 7:02 PM

      It's quite easy. It's referred to as policy based routing.

      Make a firewall rule on the LAN interface where the specific IP resides.
      Set the rule to, source: The IP you want to route and then set the gateway to whichever WAN you want to use.

      See attached example from my box. Here I route all traffic from clients in my Wifi2 subnet with destination 'somewhere on the internet' via WAN2.

      Steve

      wifi2rules.jpg
      wifi2rules.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • D
        darkknight
        last edited by Sep 5, 2012, 2:46 PM

        Hi, thanks for replying.

        So, it didn't work. And I just access the internet if one of my gateway is set to default gateway.

        1 Reply Last reply Reply Quote 0
        • H
          heper
          last edited by Sep 5, 2012, 4:37 PM

          show us some screenshots of them firewall rules

          1 Reply Last reply Reply Quote 0
          • M
            marvosa
            last edited by Sep 6, 2012, 7:13 AM Sep 6, 2012, 7:07 AM

            Under Firewall -> Rules -> LAN tab:

            The default rules should look like:

            Next to your default allow rule:

            • click on the "+" sigh that says "add new rule based on this one"

            • change source type from "LAN subnet" to "Single host or alias" then enter the host IP in the address bar

            • in the "Advanced features" section, next to "Gateway", click on the "Advanced" button , select a WAN link, then click save

            • move the new rule above the default allow rule

            • click "Apply changes"

            and you will end up like this:

            In this example, 192.168.0.10 will go out WAN2 while everything else goes out the default gateway.

            1 Reply Last reply Reply Quote 0
            • S
              stephenw10 Netgate Administrator
              last edited by Sep 6, 2012, 7:29 AM

              Looks like I failed to mention that the policy based rule must go above the default rule in order to catch packets first.

              Steve

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received