3G failover - client can't reach internet
When WAN is up, client computer at 192.168.1.100 via pfSense DHCP can reach internet as expected.
When WAN is down & OPT1 is up, client computer at 192.168.1.100 can NOT reach internet but pfSense gets an IP from 3G modem and can ping out from webConfigurator Status page.
WAN - DHCP from Comcast
LAN - Default 192.168.1.0/24 from stock install
OPT1 - MC760 USB Mobile Broadband from Virgin Mobile
2 Gateway Groups - GW1 with WAN Tier 1 & OPT1 Tier 2, GW2 with OPT1 Tier 1 & WAN Tier 2 setup per pfSense docs for failover.
220.127.116.11 and 18.104.22.168 added to DNS Servers in General Setup
Firewall > LAN added rules for all traffic out via GW1 or GW2
Am I missing something? An Outbound NAT rule?