    Rule to force one PC out on one WAN permanently

    Routing and Multi WAN
      robatwork last edited by

      I have pfSense on 2.2.2 set up with 3 x WAN and 1 x LAN interfaces.

      LAN is 192.168.0.0/24
      Each WAN has its own modem and external IP

      I have set up 3 gateways corresponding to WAN1, WAN2 and WAN3. The default gateway is WAN3. There are gateway groups for all WANs and also 3 x failover groups, that correspond to LAN firewall rules.

      I am trying to make a particular PC which has IP 192.168.0.55 only access the internet through WAN1.  I have tried several ways - with floating rules and also a LAN rule, but none of them seem to have any effect. The rules I create are at the top so aren't getting ignored as far as I can see.

      I realise this must be something very simple...

      thanks

      (If a mod thinks this is better in the Firewall forum please move)

        jimp Rebel Alliance Developer Netgate last edited by

        A rule at the top of the LAN tab to match any traffic from that source IP address using the WAN1 gateway should do the trick.

        Potential complications include:

        • If all three WANs are PPPoE with identical gateways, behavior can be unpredictable
        • If the WAN1 gateway is marked down, by default the traffic would "fall through" as if that gateway was not defined on the rule
        • The above behavior can be changed using the options for multi-wan on System > Advanced, Miscellaneous

        To say anything with certainty, you'll need to show the LAN rules along with the gateway status at a minimum.

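The fall-through described in the reply above, as an added example that is not part of the thread or of pfSense's own code: a small Python model of first-match LAN rules with a per-rule gateway. The `Rule` class, the `egress` function and the second rule sending the rest of the LAN to WAN2 are assumptions for illustration; the `skip_rules_when_down` flag models the System > Advanced, Miscellaneous option as omitting the whole rule when its gateway is down.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass
class Rule:
    source: str              # CIDR matched against the packet's source address
    gateway: Optional[str]   # policy-routing gateway; None means use the routing table


def egress(rules, src, gw_up, default_gw, skip_rules_when_down=False):
    """Return the gateway the first matching pass rule sends `src` out of.

    Returns None when no rule matches, i.e. the traffic is dropped by default deny.
    """
    for rule in rules:
        if ip_address(src) not in ip_network(rule.source):
            continue
        if rule.gateway is None:
            return default_gw
        if gw_up.get(rule.gateway, False):
            return rule.gateway
        if skip_rules_when_down:
            continue          # rule is not loaded at all; evaluation moves on
        return default_gw     # rule stays but loses its gateway: normal routing applies
    return None


# Constructed sample ruleset: the pinned host first, then the rest of the LAN.
RULES = [
    Rule("192.168.0.55/32", "WAN1"),
    Rule("192.168.0.0/24", "WAN2"),
]
ALL_UP = {"WAN1": True, "WAN2": True, "WAN3": True}
WAN1_DOWN = {"WAN1": False, "WAN2": True, "WAN3": True}

if __name__ == "__main__":
    for label, state, skip in [("all up", ALL_UP, False),
                               ("WAN1 down, default", WAN1_DOWN, False),
                               ("WAN1 down, skip rules", WAN1_DOWN, True)]:
        print(label, "->", egress(RULES, "192.168.0.55", state, "WAN3", skip))
```

In this model the host only stays off the other WANs during a WAN1 outage when the rule is skipped and no later pass rule matches it, which is why the rule list and gateway status both matter when checking a setup like this.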
          tim.mcmanus last edited by

          I have a rule like this on my network.  I was too lazy to move the server from one subnet to the next, so I had to create the route.  See enclosed screen shot.

          The server is at 10.0.1.240.

          ![Screen Shot 2015-04-30 at 9.02.05 AM.png](/public/imported_attachments/1/Screen Shot 2015-04-30 at 9.02.05 AM.png)
