Need help with routing to interface / gateway

  • Hello there, nice people of the internet  :P

    Today is the great day that I finally got a 200  Mbit/s connection at my house  ;D ;D BUT I encountered a problem:

    I now have 2 WANs connected to my computer / pfSense VM
    Two devices in my LAN network (VoIP telephones with SIP accounts) HAVE to be routed via the old (now second / OPT1) WAN
    Their traffic may not be going through my first WAN because the SIP provider doesn't allow access to his server via non-Telekom ISPs

    What do I have to do to either route port 5060 (SIP) packets or only two IPs ONLY through one WAN?

    I am trying this since already 8 hours or so and I even had to reset my pfSense just now.

    My setup:

    - WAN 1 (DHCP Router) -
    Internet - WAN 2 (DHCP Modem) - pfSense - LAN - VOIP Telephones


    My internet connections are already in a group so that they should do a failover. Is it correct to set the monitoring IPs of the corresponding gateways to monitor each other or should they just monitor themselves?

    An offer:

    I just looked through my pfsense and discovered that the second DHCP WAN is not even online for some reason (Before the change today it worked great as WAN1  :o). I tried both receiving an IP from DHCP and using a static IP. This makes me think my problems are quite big so if anyone is interested: I give you 25 Euros (PayPal or BTC) if you help me with these changes via Teamviewer and make my pfsense route the two phones via the second WAN and repair the problems so that WAN 2 is online and can be used as failover ;) Just PM me if you're interested  :) Afterwards I'm gonna post the solution to the routing problem here  ;)

    Please be so nice and help me and hopefully this post will be useful for others like me in the future :)


  • Add a rule on the lan. Set the source to the IP of the phone, destination any, under advanced, change the gateway to the WAN2 gateway. Move this rule before the default lan to any rule. Repeat for the second phone, or change the source to a subnet that includes both phones. Reset states and reboot the phones just to be sure. You could also make the rule with lan net to any, destination port=sip.

  • Thank you for the reply!

    I tried to follow your destination port suggestion but it still doesn't seem to have any effect… Also I don't know how to make a subnet 'n stuff :)

    Also still I have the problem that my interface is still some kind of broken :(

  • Maybe you should post some screenshots of the config?
    LAN rules should look something like this:
    UDP LAN Net * * 5060 GW_OPT1 none
    *      LAN Net * * *      Failover    none

  • Here I screenshotted some of my chosen options. I hope they're of good enough quality to see everything clearly. Do you need more screens?

  • I'm assuming your LAN is something other than 192.168.1.x, as that's the OPT subnet…
    The OPT/Telekom is showing down, you're going to have to get that fixed.
    If the existing equipment is running NAT, you're going to have trouble- any way you can get a public IP on pfSense? Put the DSL equipment in bridge mode or something?

  • Hi, my LAN's IPs are - 255 and my WAN2 IP was or something like this.

    I changed my WAN2 to PPPoE with previously working access details and now its even more strange…

    ![interface status.JPG_thumb](/public/imported_attachments/1/interface status.JPG_thumb)
    ![interface status.JPG](/public/imported_attachments/1/interface status.JPG)

  • Try deleting the OPT1 gateway. PPPoE should pull a gateway dynamically.

  • Thanks for your help but I solved my problem just now.

    What I did:

    I created a new VM with pfsense on my router-computer. Then with this second pfsense I am creating a different subnet than with the first one with DHCP deactivated.
    On the phones I choose a static IP in the second router's subnet and now they both work just fine :)

    The thread may be closed :)