Firewall rule match based on Virtual IP



  • Hi,

    The current setup had 2 WAN connections, with 2 WAN routers accessible on the same subnet. Each device was then manually configured which router to use.

    I've matched the setup and created a virtual IP matching the previous alternative router. I can use both the main and IP alias as a router, which works fine.

    I can also set up firewall rules based on IP address of the guest to route them from either main or alternative gateway.

    However, my question is - is there a way to match on which virtual IP the packet came in and then decide on which WAN it should go? I can only see a match on the interface, but both of the IPs are on the same interface so I am not allowed the distinction.


Log in to reply