2 wans - how to direct traffic to each ?
-
I'm not seeing anything are the images hosted outside of pfsense.org?
-
imgur
-
Yeah I saw them from another machine. Anyway this works on pfsense 2.2.2 and I'm not running multiple wans just one connection through a modem in bridge mode so I'm handling the ppoe username & password connection settings in pfsense which is passed out of the wan to the modem router running in bridged mode.
I've done a screen shot of some OPTx rules which work for me see attached. I've drawn a box around the gateway of the first rule, if you want to force traffic through a particular gateway as you have two connections you could try the gateway option which is a button at the bottom of the edit rule page.
You might also note I have two rules to block WAN net and WAN address but these dont work so ignore them.
The rules work from the top to the bottom and everything is a default deny but I prefer having explicit blocks in place just to be sure, on other interfaces I even explicitly allow individual ports for individual machines to really lock everything down and then I can see if anything has found a new way of communicating like passing messages in say netbios or other tricks.
See if the screen shot gives you any ideas for your own set up.
-
thanks for that.
The issue I have is, OPT1 cannot ping any host on the internet. It DOES resolve the name and I can ping if I connect to the router.
Until I can fix this issue nothing else is going to work.
I can't see where pfsense is blocking OPT1 from pinging any internet host.
-
So… your ISP DNS on WAN is the gateway on OPT? I don't think this is particularly sane... How many levels of NAT are you behind?
Also, WTH is the pfSense version used here? Most of this configuration stuff does not exist on 2.1.x, nor on 2.2.x; plus copyright 2004 - 2009. :o ::)