Gateway group failing to pass http/https traffic



  • Hi All,

    I am currently running 2.0.2-RELEASE (i386)/FreeBSD 8.1-RELEASE-p13 and am having an issue at the moment using multiple wan connections in a gateway group. We have three ADSL connections running on the site connect to WAN, OPT1 and OPT2 addressed as follows

    WAN    -> 192.186.22.250 Gateway (WANGW)   192.168.22.1
    OPT1   -> 192.168.21.250 Gateway (OPT1GW)  192.168.21.1
    OPT2   -> 192.168.20.250 Gateway (OPT2GW)  192.168.20.1

    LAN Subnet 192.168.24.0
    LAN interface 192.168.24.1

    Our gateway group is called mulitwan and has all three WAN connections in it as tier1 connections (round robin).

    Currently if we configure the LAN firewall rule to use the mulitwan gateway group as its gateway none of the machines on the LAN can browse websites (Secure and Nonsecure). However if I set the gateway to be our WANGW then there is no issue.

    If I revert the gateway back to our gateway group and use something like bitorrent then I can see traffic going out all interfaces. I can also see SIP and DNS traffic successfully going out using the gateway group. However as soon as we revert to the gateway group then we will lose the ability to browse the internet on machines behind the firewall.

    I have tried adding floating rules, ameding DHCP to pass google DNS servers to clients just in case it was a DNS thing all to no avail. All gateways are showing as up as per status > gateways and I can ping a host on the internet from each wan interface using diagnostics > ping

    We had been following http://doc.pfsense.org/index.php/Multi-WAN_2.0 as our initial guide on configuration. I was hoping someone might have a pointer as to where I could go next

    Thanks,
    John



  • Just looking at this and it seems that despite having a Gateway group netstat -r is showing me that my default gateway is still the wan connection

    Routing tables

    Internet:
    Destination        Gateway            Flags    Refs      Use  Netif Expire
    default            192.168.22.1      UGS        0  374223    re0
    a.resolvers.level3 192.168.20.1      UGHS        0    64291    re2
    google-public-dns- 192.168.22.1      UGHS        0    69587    re0
    google-public-dns- 192.168.21.1      UGHS        0    69611    re1
    localhost          link#11            UH          0      102    lo0
    192.168.17.0      192.168.17.2      UGS        0  293674 ovpns1
    192.168.17.1      link#12            UHS        0        0    lo0
    192.168.17.2      link#12            UH          0        0 ovpns1
    192.168.20.0      link#3            U          0    1980    re2
    192.168.20.250    link#3            UHS        0        0    lo0
    192.168.21.0      link#2            U          0      267    re1
    192.168.21.250    link#2            UHS        0        0    lo0
    192.168.22.0      link#1            U          0    1185    re0
    192.168.22.250    link#1            UHS        0        0    lo0
    192.168.24.0      link#5            U          0  2617792    xl0
    server1            link#5            UHS        0        0    lo0
    resolver2.opendns. 192.168.20.1      UGHS        0      290    re2
    obmr.btconnect.com 192.168.22.1      UGHS        0    4879    re0



Log in to reply