Rule to force one PC out on one WAN permanently
-
I have pfsense on 2.2.2 setup with 3 x WAN and 1 x LAN interfaces.
LAN is 192.168.0.0/24
Each WAN has its own modem and external IPI have setup 3 gateways corresponding to WAN1, WAN2 and WAN3. The default gateway is WAN3. There are gateway groups for all wans and also 3 x failover groups, that correspond to LAN firewall rules.
I am trying to make a particular PC which has IP 192.168.0.55 only access the internet through WAN1. I have tried several ways - with floating rules and also a LAN rule, but none of them seem to have any effect. The rules I create are at the top so aren't getting ignored as far as I can see.
I realise this must be something very simple….....
thanks
(If a mod thinks this is better in the Firewall forum please move)
-
A rule at the top of the LAN tab to match any traffic from that source IP address using the WAN1 gateway should do the trick.
Potential complications include:
- If all three WANs are PPPoE with identical gateways, behavior can be unpredictable
- If the WAN1 gateway is marked down, by default the traffic would "fall through" as if that gateway was not defined on the rule
- The above behavior can be changed using the options for multi-wan on System > Advanced, Miscellaneous
To say anything with certainty, you'll need to show the LAN rules along with the gateway status at a minimum.
-
I have a rule like this on my network. I was too lazy to move the server from one subnet to the next, so I had to create the route. See enclosed screen shot.
The server is at 10.0.1.240.
