Netgate Discussion Forum

Gateway group failing to pass http/https traffic

Routing and Multi WAN
2 Posts 1 Posters 1.2k Views
  • J
    john.ie
    last edited by Jan 29, 2013, 9:57 AM

    Hi All,

    I am currently running 2.0.2-RELEASE (i386)/FreeBSD 8.1-RELEASE-p13 and am having an issue at the moment using multiple WAN connections in a gateway group. We have three ADSL connections running on the site, connected to WAN, OPT1 and OPT2, addressed as follows:

    WAN    -> 192.186.22.250 Gateway (WANGW)   192.168.22.1
    OPT1   -> 192.168.21.250 Gateway (OPT1GW)  192.168.21.1
    OPT2   -> 192.168.20.250 Gateway (OPT2GW)  192.168.20.1

    LAN Subnet 192.168.24.0
    LAN interface 192.168.24.1

    Our gateway group is called mulitwan and has all three WAN connections in it as tier 1 connections (round robin).

    Currently, if we configure the LAN firewall rule to use the mulitwan gateway group as its gateway, none of the machines on the LAN can browse websites (secure and non-secure). However, if I set the gateway to be our WANGW, then there is no issue.

    If I revert the gateway back to our gateway group and use something like BitTorrent, then I can see traffic going out all interfaces. I can also see SIP and DNS traffic successfully going out using the gateway group. However, as soon as we revert to the gateway group, we lose the ability to browse the internet on machines behind the firewall.

    I have tried adding floating rules and amending DHCP to pass Google DNS servers to clients, just in case it was a DNS thing, all to no avail. All gateways are showing as up as per Status > Gateways, and I can ping a host on the internet from each WAN interface using Diagnostics > Ping.

    We had been following http://doc.pfsense.org/index.php/Multi-WAN_2.0 as our initial guide on configuration. I was hoping someone might have a pointer as to where I could go next.

    Thanks,
    John

    • J
      john.ie
      last edited by Jan 29, 2013, 2:25 PM

      Just looking at this, and it seems that despite having a gateway group, netstat -r is showing me that my default gateway is still the WAN connection:

      Routing tables

      Internet:
      Destination        Gateway            Flags    Refs      Use  Netif Expire
      default            192.168.22.1       UGS         0   374223    re0
      a.resolvers.level3 192.168.20.1       UGHS        0    64291    re2
      google-public-dns- 192.168.22.1       UGHS        0    69587    re0
      google-public-dns- 192.168.21.1       UGHS        0    69611    re1
      localhost          link#11            UH          0      102    lo0
      192.168.17.0       192.168.17.2       UGS         0   293674 ovpns1
      192.168.17.1       link#12            UHS         0        0    lo0
      192.168.17.2       link#12            UH          0        0 ovpns1
      192.168.20.0       link#3             U           0     1980    re2
      192.168.20.250     link#3             UHS         0        0    lo0
      192.168.21.0       link#2             U           0      267    re1
      192.168.21.250     link#2             UHS         0        0    lo0
      192.168.22.0       link#1             U           0     1185    re0
      192.168.22.250     link#1             UHS         0        0    lo0
      192.168.24.0       link#5             U           0  2617792    xl0
      server1            link#5             UHS         0        0    lo0
      resolver2.opendns. 192.168.20.1       UGHS        0      290    re2
      obmr.btconnect.com 192.168.22.1       UGHS        0     4879    re0

      gw_groups.JPG
