Netgate Discussion Forum

    Rule to force one PC out on one WAN permanently

      robatwork

      I have pfsense on 2.2.2 set up with 3 x WAN and 1 x LAN interfaces.

      LAN is 192.168.0.0/24
      Each WAN has its own modem and external IP

      I have set up 3 gateways corresponding to WAN1, WAN2 and WAN3. The default gateway is WAN3. There are gateway groups for all WANs and also 3 x failover groups, that correspond to LAN firewall rules.

      I am trying to make a particular PC which has IP 192.168.0.55 only access the internet through WAN1.  I have tried several ways - with floating rules and also a LAN rule, but none of them seem to have any effect. The rules I create are at the top so aren't getting ignored as far as I can see.

      I realise this must be something very simple...

      thanks

      (If a mod thinks this is better in the Firewall forum please move)

        jimp Rebel Alliance Developer Netgate

        A rule at the top of the LAN tab to match any traffic from that source IP address using the WAN1 gateway should do the trick.

        Potential complications include:

        • If all three WANs are PPPoE with identical gateways, behavior can be unpredictable
        • If the WAN1 gateway is marked down, by default the traffic would "fall through" as if that gateway was not defined on the rule
        • The above behavior can be changed using the options for multi-wan on System > Advanced, Miscellaneous

        To say anything with certainty, you'll need to show the LAN rules along with the gateway status at a minimum.

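A simplified model of the gateway-down "fall through" described in the reply above, added here as an illustration; it is not code from the thread or from pfSense. The rule lists, the block rule and all function names are constructed, and the option modelled is assumed to be the "skip rules when gateway is down" setting among the multi-WAN options mentioned.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str                    # "pass" or "block"
    source: str                    # source IP, or "any"
    gateway: Optional[str] = None  # policy-routing gateway; None = routing table

def effective_rules(rules, gw_up, skip_when_down):
    """Rules as loaded for the current gateway status (simplified model)."""
    out = []
    for r in rules:
        if r.gateway and not gw_up.get(r.gateway, False):
            if skip_when_down:
                continue                        # rule is omitted entirely
            r = Rule(r.action, r.source, None)  # default: gateway is dropped
        out.append(r)
    return out

def egress(rules, src, gw_up, skip_when_down=False, default_gw="WAN3"):
    """First match wins. Returns the gateway used, or None if blocked."""
    for r in effective_rules(rules, gw_up, skip_when_down):
        if r.source in ("any", src):
            if r.action == "block":
                return None
            return r.gateway or default_gw
    return None  # nothing matched: implicit deny

PC = "192.168.0.55"  # host from the original question
# Constructed LAN rule sets, top to bottom.
LAN_RULES = [Rule("pass", PC, "WAN1"), Rule("pass", "any")]
# Same, plus a block rule under the policy rule (an assumption, not from the thread).
PINNED = [Rule("pass", PC, "WAN1"), Rule("block", PC), Rule("pass", "any")]

ALL_UP = {"WAN1": True, "WAN3": True}
WAN1_DOWN = {"WAN1": False, "WAN3": True}

if __name__ == "__main__":
    for name, rules in (("LAN_RULES", LAN_RULES), ("PINNED", PINNED)):
        for skip in (False, True):
            print(name, "skip=%s" % skip, "->",
                  egress(rules, PC, WAN1_DOWN, skip_when_down=skip))
```

In this model the PC only stays off the other WANs while WAN1 is down when the skip option and the block rule are used together; either one alone still lets its traffic leave through the default gateway.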
          tim.mcmanus

          I have a rule like this on my network.  I was too lazy to move the server from one subnet to the next, so I had to create the route.  See enclosed screen shot.

          The server is at 10.0.1.240.

          ![Screen Shot 2015-04-30 at 9.02.05 AM.png](/public/imported_attachments/1/Screen Shot 2015-04-30 at 9.02.05 AM.png)
