Static routes and multiwan
-
I'm currently working with a multiwan (2 dsl and 1 high-speed wireless wan link with a /29 routed static ip class) pfsense setup.
Given the fact the 2 dsl links external ip's are dynamically assigned by my isp, I need to ensure that some traffic goes straight through the other gateway due to access lists based on external ip set on the remote endpoint.
That said, I'm used to work with Fortinet firewalls and, to achieve this, all you need to do is add a static route with the destination IP and the internal gateway you wish to pass traffic to.
All I could see so far is that this won't work with pfsense. Is PBR and perhaps an "apply instantly on hit" flag the only way to achieve this in Pfsense?Thank you in advance
-
use firewall rules (that include policy based routing) to accomplish what you want:
https://doc.pfsense.org/index.php/What_is_policy_routing
https://doc.pfsense.org/index.php/Multi-WAN#Firewall_Rules -
Thanks for the answer, but making it work wasn't even close to be a problem. My question was more related to: is PBR the only viable way to route traffic across multiple gateways in pfsense? Thank you!
-
i guess you probably could use static routes aswell (the gateway monitor ip's are setup statically and work that way).
although I wouldn't know any scenario where you would prefer todo it that way …. the pbr system is there to make this stuff easy, and i see no reason not to use it.have you found a downside to it that you wish to share?
-
There are no downsides I guess, it's just pfsense behaviour that puts policy routing above static routing, which is the opposite on what happens in fortinet units for example.
It's just a matter of what you're used to :)Thank you, have a nice day!