Strange Routing Issue
-
Not sure whats going on here but I have the following setup:
WAN (ADSL Provider 1) OPT1 (ADSL Provider 2)
\ /
–----------------------------------------------
PFSense (192.168.3.1)
|
Switch
|
PC 1 PC2The Load Balancing multi-WAN setup is fine, both show online, however I loose internet access on PC 1 (including ping'ing everything apart from 192.168.3.1), but will have access fine on PC2, then after a while it will swap round!?
I have the following firewall rules:
LAN:
Proto Source Port Destination Port Gateway Schedule Description-
-
-
-
- balancedLAN Default LAN -> internet
-
-
-
WAN:
TCP/UDP * * 192.168.3.2 16889 * NAT
TCP/UDP * * 192.168.3.3 16888 * NATOPT1:
TCP/UDP * * 192.168.3.2 16889 * NAT
TCP/UDP * * 192.168.3.3 16888 * NATThe firewall logs dont seem to fill up with any blocked traffic from these 2 IP's.
It doesnt seem to make sense to me!
Any help would be greatly appreciated!
Matt
-
-
Did you tick sticky connections?
-
Did you tick sticky connections?
Yes I did, to try and get round issues with Online Banking websites etc monitoring the IP address and logging me out when the load balancer uses the 2nd connection.
Is there a known issue?
Cheers
Matt -
yes http://forum.pfsense.org/index.php/topic,8957.0.html
-
To get issues with online banking solved just create a rule for https traffic that will use a failover pool instead of balancing. These applications won't cause much load so it's no problem to have them only at one wan and they will still be available if one of the wans go down this way. At my setups I have a portsalias and a hostsalias for such ports and destinations that don't work with loadbalancing. It's easy to just add ports or IPs later this way.
-
To get issues with online banking solved just create a rule for https traffic that will use a failover pool instead of balancing. These applications won't cause much load so it's no problem to have them only at one wan and they will still be available if one of the wans go down this way. At my setups I have a portsalias and a hostsalias for such ports and destinations that don't work with loadbalancing. It's easy to just add ports or IPs later this way.
Excellent advice, thanks for that, works perfectly now…