Dual WAN manual NAT being blocked by firewall?
-
Hello Guys,
I am trying to configure pfSense in a dual WAN mode.
Currently I have 2 WANs successfully set up. I have created manual rules for outbound NAT. Please find the attached screenshots.
On network 192.168.10.1, I have internet with WAN1, which is perfect.
On network 192.168.20.1, I don't have any internet. It seems like the firewall is blocking this, see screenshots. Anything I'm doing wrong here?
Thanks!
Kind regards,
Roy
![Screen Shot 04-15-14 at 11.27 PM 001.PNG](/public/imported_attachments/1/Screen Shot 04-15-14 at 11.27 PM 001.PNG)
![Screen Shot 04-15-14 at 11.30 PM 001.PNG](/public/imported_attachments/1/Screen Shot 04-15-14 at 11.30 PM 001.PNG)
![Screen Shot 04-15-14 at 11.30 PM.PNG](/public/imported_attachments/1/Screen Shot 04-15-14 at 11.30 PM.PNG)
![Screen Shot 04-15-14 at 11.31 PM.PNG](/public/imported_attachments/1/Screen Shot 04-15-14 at 11.31 PM.PNG)
-
Firewall rules.
![Screen Shot 04-15-14 at 11.33 PM.PNG](/public/imported_attachments/1/Screen Shot 04-15-14 at 11.33 PM.PNG)
-
Your firewall rule for the LAN2 interface allowing outbound is wrong. You have set the source to LAN Net; it has to be LAN2 Net!
-
Thank you, that was a stupid mistake.
Fixed that, so no more firewall blocks, but still no internet on the second LAN.
Any ideas?
-
You need at least 4 Outbound NAT rules:
On WAN: LANnet to any and LAN2net to any.
On WAN2: LANnet to any and LAN2net to any.
By default, both LAN and LAN2 traffic will go out the default gateway (usually WAN). So next you will have to set up gateway group/s and policy-routing rules to direct traffic to the WANs that you want.
Note: Automatic Outbound NAT should work fine in your configuration - it will NAT both LANs going out both WANs. So I do not understand why you have chosen Manual Outbound NAT??? Go back to Automatic and see if it works.
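
The layout discussed in this thread, written out as plain pf.conf syntax. This is an added example, not part of the original posts and not the ruleset pfSense generates. Interface names, the /24 masks and the gateway addresses are assumptions.

```pf
# Constructed example: interface names, /24 masks and gateways are assumed.
wan1_if  = "em0"
wan2_if  = "em1"
lan1_if  = "em2"
lan2_if  = "em3"
lan1_net = "192.168.10.0/24"
lan2_net = "192.168.20.0/24"
wan1_gw  = "203.0.113.1"     # placeholder (documentation range)
wan2_gw  = "198.51.100.1"    # placeholder (documentation range)

# Outbound NAT: each LAN is translated on each WAN it may leave through,
# giving the four rules listed above (two LANs x two WANs).
nat on $wan1_if from $lan1_net to any -> ($wan1_if)
nat on $wan1_if from $lan2_net to any -> ($wan1_if)
nat on $wan2_if from $lan1_net to any -> ($wan2_if)
nat on $wan2_if from $lan2_net to any -> ($wan2_if)

# Default deny with logging, so a rule that never matches shows up as
# blocked packets in the firewall log.
block log all

# Allow the translated traffic to leave on either WAN.
pass out on { $wan1_if, $wan2_if } keep state

# Mistake from the thread: the rule sits on the LAN2 interface but its
# source is the LAN net, so packets from 192.168.20.x never match it and
# fall through to the block rule.
# pass in quick on $lan2_if from $lan1_net to any keep state

# Corrected: the source matches the interface's own network, and route-to
# pins each LAN to its own WAN gateway (policy routing).
pass in quick on $lan1_if route-to ($wan1_if $wan1_gw) from $lan1_net to any keep state
pass in quick on $lan2_if route-to ($wan2_if $wan2_gw) from $lan2_net to any keep state
```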
-
Changed it back to automatic mode and assigned different gateways in the allow all rules for both LAN 1 and LAN 2.
That fixed it.
Thanks for the support.