Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    NAT, Different WANs for different subnets.

    NAT
    3
    3
    514
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      notjoe last edited by

      Hey,

      I am running into a problem where I believe what I have done should work but doesn't seem to work. It's probably because of how I have things set up.
      Here is the current config:

      WAN1 IP: xxx.xxx.xxx.40/25
      WAN1 GW: xxx.xxx.xxx.1 (GW LABEL: GW_WAN)

      WAN2 IP: xxx.xxx.xxx.41/25
      WAN2 GW: xxx.xxx.xxx.1 (GW LABEL: GW_OPT1)

      WAN1/WAN2 Have the same gateway.

      IPSec: 10.0.1.0/24 (Routed through WAN1)

      LAN: 192.168.1.0/24 (Routed through WAN2)

      So, My IPSec works just fine. When I check my IP while connected to the IPSec VPN it works fine and I get the .40.

      The problem is with my LAN. I cannot seem to be able to get to the internet at all. I've tried adding a rule under Rules->Lan, which is:
      Action: Pass
      Interface:LAN
      TCP/IP Version:IPv4
      Protocol:Any
      Source Type:Network
      Source Address:192.168.1.0/24
      Destination:WAN2 Address

      This didn't work for me though as the machine on the LAN cannot access the internet.
      The next think I tried was under Firewall->NAT->Outbound:
      Interface: WAN2
      Protocol:Any
      Source Type:Network
      Source Address:192.168.1.0/24
      Destination: Any

      Neither of these worked for me, I've tried various combinations and still didn't have any luck. I suspect it is probably something stupid that I am doing.

      Now, maybe there is a better way to accomplish what it is i am trying to do. I want all my IPSec traffic to come out on xxx.xxx.xxx.40 while all my LAN traffic will come out on the xxx.xxx.xxx.41 IP Address.

      Any help would be greatly appreciated.

      Thanks!

      1 Reply Last reply Reply Quote 0
      • E
        esink last edited by

        I think you have the right idea with what you want to accomplish, but your implementation is incorrect.

        The rule you have setup allows traffic form the LAN to WAN2, however what's to say that LAN traffic is destined for WAN2? This question is probably more suited for the Multi WAN section

        1 Reply Last reply Reply Quote 0
        • Derelict
          Derelict LAYER 8 Netgate last edited by

          The problem is with my LAN. I cannot seem to be able to get to the internet at all. I've tried adding a rule under Rules->Lan, which is:
          Action: Pass
          Interface:LAN
          TCP/IP Version:IPv4
          Protocol:Any
          Source Type:Network
          Source Address:192.168.1.0/24
          Destination:WAN2 Address

          Try:

          The problem is with my LAN. I cannot seem to be able to get to the internet at all. I've tried adding a rule under Rules->Lan, which is:
          Action: Pass
          Interface:LAN
          TCP/IP Version:IPv4
          Protocol:Any
          Source Type:Network
          Source Address:LAN network
          Destination:any

          In advanced, set the gateway to WAN2

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy