2 LAN with Different Gateway (2WAN) not load balancing

Dezireman25

Dear all,

good day. im new here in the group, but i've been using pfsense for a few months. i have a project to have 2 LAN and 2 WAN.

I have 2 different ISP/WAN and i want LAN 1 will connect to ISP1/WAN1 and LAN 2 will connect to ISP 2/WAN2. But i will not do the load balancing. I just want to point each LAN to a specific WAN. Below is the Network Diagram

WAN1 (ex. Public IP: 111.111.111.1)\                      / LAN1 ex IP: 192.168.100.0 /24
                                                          \                  /
                                                            >PFSENSE<
                                                            /               
WAN2 (ex. Public IP: 222.222.222.2) /                    \ LAN 2 ex IP: 10.10.100.0 /24

What i have on my PFSense now is:

Interface
LAN1 Gateway> WAN1
LAN2 Gateway> WAN2

Gateways are:
WAN1 (default)
WAN2

NAT Outbound:
LAN1>WAN1
LAN2>WAN2

Rules are:
LAN1> WAN1
LAN2>WAN2

But this settings doesn't work, i've noticed that all packets are going to my default gateway, if the WAN1 is the default gateway then the LAN1 has an internet, and if the WAN2 is the default the LAN2 has an internet.

Any fix please for this kind of set-up? Still searching a solution on this forum and in google. But i hope someone can answer me here.

kejianshi

You should be able to cure this a number of ways.  If you want to make everything from LAN1 work on WAN1 and everything on LAN2 work over WAN2 thats easy.

You just set up manual outbound NAT and set WAN1 for LAN1 and WAN2 for LAN2 and you should be done.

P.S.  Other than setting up manual outbound NAT you shouldn't have to set up any rules.

The regular old Pass all on LAN rule should work.

I don't have 1 set up like this but seems like it should work.

kejianshi

Just checking - These are different ISPs with different Gateway addresses?  right?

Derelict

Yeah.  I think you can also leave automatic outbound NAT enabled and just change the gateway on the pass any any rules for LAN1 to WAN1 and LAN2 to WAN2.

This stuff basically just works.

Changes will only apply to new states.

I don't know what your design goals are but I would create two gateway groups, say WAN1FIRST (tier1: wan1, tier2: wan2) and WAN2FIRST (tier1: wan2, tier2: wan1) and set the gateway on LAN1 rules to WAN1FIRST and LAN2 rules to WAN2FIRST.

kejianshi

That also works if you don't want STRICT separation.

I could be wrong, but in the event of a WAN outage, all traffic would then pass over whatever is still up?

Derelict

Yes.  Both LANs would use WAN2 if WAN1 was down and WAN1 if WAN2 was down.  Again, don't know OPs design goals.

Dezireman25

@kejianshi:

You should be able to cure this a number of ways.  If you want to make everything from LAN1 work on WAN1 and everything on LAN2 work over WAN2 thats easy.

You just set up manual outbound NAT and set WAN1 for LAN1 and WAN2 for LAN2 and you should be done.

P.S.  Other than setting up manual outbound NAT you shouldn't have to set up any rules.

The regular old Pass all on LAN rule should work.

I don't have 1 set up like this but seems like it should work.

Hi Sir thanks for the reply,

yes i do have a manual NAT outbound to point LAN1 to WAN1 and LAN2 to WAN2 but still didn't work

and yes again sir these ISPs has different gateways

Dezireman25

@Derelict:

Yeah.  I think you can also leave automatic outbound NAT enabled and just change the gateway on the pass any any rules for LAN1 to WAN1 and LAN2 to WAN2.

This stuff basically just works.

Changes will only apply to new states.

I don't know what your design goals are but I would create two gateway groups, say WAN1FIRST (tier1: wan1, tier2: wan2) and WAN2FIRST (tier1: wan2, tier2: wan1) and set the gateway on LAN1 rules to WAN1FIRST and LAN2 rules to WAN2FIRST.

i already have this on my firewall rule
LAN 1 to WAN 1
LAN 2 to WAN 2

but still didn't work.

Dezireman25

@Derelict:

Yes.  Both LANs would use WAN2 if WAN1 was down and WAN1 if WAN2 was down.  Again, don't know OPs design goals.

my goal is to have a complete separation of internet connection between 2 LAN without load balancing. i want all traffic from LAN 1 will go to WAN 1 and LAN 2 to WAN 2

i already did the Manual NAT Outbound and Firewall Rules, but still didn;t work. i dont know why  :( i just noticed that all traffics are going to my default gateway

Derelict

@Dezireman25:

i already have this on my firewall rule
LAN 1 to WAN 1
LAN 2 to WAN 2

but still didn't work.

But it does work.

Care to post the gateways, firewall rules, and outbound nat screenshots?

Dezireman25

thanks for your reply sir. already done

i specify the gateway on my firewall rules…

thanks for the help

Derelict

Just trying to find whatever you have configured wrong.  If it was configured right it would be working.  Good luck.