Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Setting a gateway in a transparent setup

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 745 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      andys
      last edited by

      I’ve got a pfSense box running as a transparent bridge; there’s the LAN interface, connecting to the internal network and the WAN interface that connects to two different routers (attached image summarises the setup).

      WAN-1 is the normal gateway and that’s what LAN clients are configured to use as their default gateway. I’m trying to see if it’s possible to direct certain traffic to go out via WAN-2?

      This seems to work for traffic originating on the LAN side, I can create a rule that matches the traffic and sets the gateway to WAN-2. Where I’m having problems is when the traffic originates from the WAN.

      I’m guessing that the rule that allows the WAN->LAN traffic is creating a state entry that uses the default gateway so the reply traffic (LAN->WAN) won’t be matched against any rules that can alter the gateway used?

      Is there a way to achieve this whilst keeping the firewall transparent? For now, I’ve worked around this by setting a route on the LAN clients that specify WAN-2 as the gateway for certain destinations, but I’d like to be able to do this in pfSense if it’s possible to avoid adding routes to the LAN clients.
      pfsense_vpn_pbr.png
      pfsense_vpn_pbr.png_thumb

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.