Multi-WAN - Internet traffic only going in/out one gateway

esseebee

I'm at a loss about this. I've created a gateway group to combine our 2 WAN connections that connect to 2 separate ISPs. According to traffic graph (and seeing no difference in speed test results), all of the internet traffic is going in/out one of WAN1. That is, with the exception of pings from WAN2 to the alternate gateway monitor IP address. No other firewall rules listed above the load balancing gateway group. Where did I mess up or where should I be looking? Thanks in advance.

heper

https://doc.pfsense.org/index.php/Multi-WAN

esseebee

Thanks. That's the guide I used to configure the Multi-WAN. It's still only pumping traffic in/out of WAN1. Any ideas of what might be causing this?

Derelict

Without seeing what you've actually done, no. No clue. Use the guide to determine what screens/info you should post.

esseebee

Sorry. I was hoping for an obvious known issue that would be quick. Here's the scenario.

WAN1 (PPPoE w/ Static IP) + WAN2 (DHCP from modem) –> Pfsense 2.1.5 -- > LAN
Windows Server 2012 running DHCP and DNS

Top FW rule on LAN tab is for internal routing using this - https://doc.pfsense.org/index.php/Bypassing_Policy_Routing
It points to an alias for our internal network addresses.

The next 3 active LAN FW rules are for

1. load balancing to the gateway group.
2. failover to WAN1
3. failover to WAN2

I've attached screenshots of the FW rules, gateway groups and firewall rules pages. Please let me know if there are others that I need to attach. I very much appreciate your help.

![Screen Shot 2015-05-26 at 11.54.15 am.png](/public/imported_attachments/1/Screen Shot 2015-05-26 at 11.54.15 am.png)
![Screen Shot 2015-05-26 at 11.54.15 am.png_thumb](/public/imported_attachments/1/Screen Shot 2015-05-26 at 11.54.15 am.png_thumb)
![Screen Shot 2015-05-26 at 11.57.55 am.png](/public/imported_attachments/1/Screen Shot 2015-05-26 at 11.57.55 am.png)
![Screen Shot 2015-05-26 at 11.57.55 am.png_thumb](/public/imported_attachments/1/Screen Shot 2015-05-26 at 11.57.55 am.png_thumb)
![Screen Shot 2015-05-26 at 11.58.20 am.png](/public/imported_attachments/1/Screen Shot 2015-05-26 at 11.58.20 am.png)
![Screen Shot 2015-05-26 at 11.58.20 am.png_thumb](/public/imported_attachments/1/Screen Shot 2015-05-26 at 11.58.20 am.png_thumb)

heper

remove the bottom 2 rules (they are pointless)
might as well remove 2 out of 3 gateway groups (they are probably pointless, unless you use them on a different interface for whatever reason)

don't try a single tcp stream … balancing doesnt mean combining on a single download. use a download manager or torrents to see if loadbalancing works or not

esseebee

Thanks for your insight. I agree that those rules and the extra gateway groups were unnecessary. I removed them, but still had the issue. I discovered that AON was being used and there was a static route for WAN1, but not WAN2. I added the static route for LAN traffic to WAN2 and it worked!

heper

AON=automatic outbound NAT | it's got nothing todo with routes ?

if AON, is not working on a standard multi-wan setup, then chances are that something else isn't configured as it should

Derelict

I think he's referring to Manual Outbound NAT (Also referred to as Advanced Outbound NAT (AON), but not Automatic Outbound NAT (also AON) (clear as mud)) and that there were not outbound NAT rules defined for the second WAN. After definition, it worked as expected.

![Screen Shot 2015-05-27 at 12.30.45 AM.png](/public/imported_attachments/1/Screen Shot 2015-05-27 at 12.30.45 AM.png)
![Screen Shot 2015-05-27 at 12.30.45 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-05-27 at 12.30.45 AM.png_thumb)

esseebee

That is correct, Derelict. Sorry for the confusion. These are new acronyms for me.