4. Routing between different subnets does not work with failover.

Routing between different subnets does not work with failover.

  • T

    Hello,

    We have a pfsense setup with three LAN subnets. Each subnet has an own interface.
    Routing between these subnets (10.0.0.0/20 ; 10.0.16.0/20 ; 10.0.32.0/20) works perfect when using the normal default gateway setting on the rules page.
    After we have created a failover gateway group (with two gateways) and add this group to a rule, routing between the LAN subnets does not work anymore.
    Tracing the traffic shows that packages which should go to one of the subnets are routed through the first gateway of the failover (which is my wan interfaces gateway).

    Is there some config I should create before doing this?

    Thanks!

    0

  • The gateway group bypasses the routing table and sends the traffic directly to the gateway.
    You need to create rules on the lan interfaces to match the traffic before it hits the gateway group.
    e.g. source local subnets dest local subnets gateway default.

    0
  • LAYER 8 Netgate

    https://doc.pfsense.org/index.php/Bypassing_Policy_Routing

    0
  • T

    Thanks guys! That seems logical!
    Will test and try (but I am sure this wil work).

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy