Stupid multi WAN-question
-
Hi.
This can very well be the dumbest question of the day, but I was trying to get my multi-WAN setup to work but with no success. I could'nt ssh from wan to my server until I realized that traffic came in through ISP A – WAN-port A and out through ISP B -- WAN-port B. If I changed it so traffic in went out through the same NIC and ISP everything was fine. Now to my question: Is it possible at all to do it the way I originally had it set up? Can you have communication to one IP and get reply from a different? I can't for the life of me remember what my old teachers taught me :-) -
assymetric routing is in 99% of the cases NOT something you'd want.
and how exactly did you manage to get assymetric routing? i've tried before, but have never succeeded in accidently making that happen ;)
in general pfSense should reply on the same interface it received the data (unless specifically configured otherwise) -
It wasn't pfsense that was the cause.. I have couple different routers, and the server that I was port forwarding to had a different static route so it choose another way out. In other ways WAN (ISP A) – pfsense A -- ssh-server (static route) -- pfsense B -- WAN (ISP B). But TCP/IP basics, can you get a reply from a different IP than you sent the request to?
-
you can, but unless both ends are "aware' this is how it should be; it'll result in a broken communication