Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multi-Subnet, limiter only for WAN connection

    Scheduled Pinned Locked Moved Traffic Shaping
    4 Posts 3 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rezitech
      last edited by

      I have a pfSense connected with 2 WANs and 3 LANs at a large network. I'll call them WAN-A, WAN-B, LAN-A, LAN-B, and LAN-C for this question.

      WAN-A is a 6M/2.0M connection
      WAN-B is a 1.5M/1.5M connection

      I am having problems with users saturating the bandwidth, and I want to use a limiter to keep any one user from hogging all the bandwidth. I created a limiter and used a firewall rule to enable that limiter for LAN-A, but that means that traffic LAN-A to LAN-B or LAN-C is limited, too.

      I want to limit traffic from LAN-A to WAN-A or WAN-B, without affecting traffic from LAN-A to either of the other LANs.

      How do I do that?

      1 Reply Last reply Reply Quote 0
      • M
        Metu69salemi
        last edited by

        create rules sourcing from LanA and destined to LanB & LanC without that limiter, place those above your LanA to Any rule.

        1 Reply Last reply Reply Quote 0
        • R
          rezitech
          last edited by

          @Metu69salemi:

          create rules sourcing from LanA and destined to LanB & LanC without that limiter, place those above your LanA to Any rule.

          Awesome. I read this, and hit a sort of "duh" moment. :-)

          I was trying to create a rule from LanA to "WanA Network" to create the rule, but it wasn't applied for any traffic that went through WanA, only ended at WanA.

          Thank you very much. Your answer is very helpful!

          1 Reply Last reply Reply Quote 0
          • D
            dreamslacker
            last edited by

            Alternatively, make use of Aliases and 'Not'.

            Create an Alias with the subnets of LAN A, B & C.

            Call this alias:  LocalSubnets

            In your firewall rule(s) applying the limiter(s), just set the destination as "Not" (checkbox) Alias "LocalSubnets".

            Depending on how many rules you have applying limiters and all, either of the methods would be simpler to apply.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.