Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Separate network using Virtual IP and alias

    Routing and Multi WAN
    3
    9
    1093
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hunderri last edited by

      hi all,

      since im new to pfsense i need some help on finishing some configurations.  i have an office of 50 pc and 50 voip phones. im using the loadbalancing and failover (already configured). my questions is how i can separate the network so the VOIP phone use one GW1 and the PC use the other GW2?

      thanks for the help !!

      1 Reply Last reply Reply Quote 0
      • KOM
        KOM last edited by

        The firewall rules have a Gateway picker down in the Advanced section.  Add an Allow rule that directs the VoIP phones' IP addresses or subnet to the specified gateway.

        1 Reply Last reply Reply Quote 0
        • H
          hunderri last edited by

          hi,

          thanks for the reply. do i need to create alias for this ? can you be more specific !  :)

          1 Reply Last reply Reply Quote 0
          • P
            phil.davis last edited by

            It makes it easy to maintain if you use Aliases. Make an Alias that contains all the IP addresses of the phones. Then use that as source in the firewall rule, destination any, in the advanced section select the gateway you want. Then do similar for the PCs…

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • H
              hunderri last edited by

              thanks its working. i have one more question, by creating this rules the load-balancing and fail over will be affected??

              thanks in advance !

              1 Reply Last reply Reply Quote 0
              • P
                phil.davis last edited by

                If you want traffic from particular clients to go on a particular WAN then you don't want load-balancing - so yes, load-balancing is effected because you don't want it :)
                If you want failover, so that the traffic usually goes out the WAN you specify, but fails over to some other WAN when the first is down, then make gateway groups for each failover combination you need, e.g.:
                Gateway Group Failover1 - WAN1 Tier 1, WAN2 Tier 2 - traffic on WAN1 normally, then to WAN2 if WAN1 is down
                Gateway Group Failover2 - WAN2 Tier 1, WAN1 Tier 2 - traffic on WAN2 normally, then to WAN1 if WAN2 is down

                Then use the required gateway group in your rules, instead of directly using WAN1 or WAN2 gateway.

                As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                1 Reply Last reply Reply Quote 0
                • H
                  hunderri last edited by

                  the fail over i prefer to have it. how i can disable the loadbalancing?

                  1 Reply Last reply Reply Quote 0
                  • P
                    phil.davis last edited by

                    Load Balancing is just a gateway group with all WANs on the same tier.
                    Make all gateway groups with WANs on different tiers, 1, 2… in priority order. Use those in your rules.
                    Then you can delete any Load Balancing "same tier" gateway groups.

                    As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                    If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                    1 Reply Last reply Reply Quote 0
                    • H
                      hunderri last edited by

                      sorry for the late response but it's working now :))) thanks a lot !!

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post