Floating Rule WAN1 OUT triggering for WAN2 traffic while WAN1 is down
-
WAN1 is the default gateway.
Default Gateway Switching is disabled.
Skip Rules When Gateway Is Down is disabled.LAN Rule: WAN2 Traffic
Destination Port: <ports>Gateway: WAN2
Tag: SKIP_DEFAULT
Action: PassLAN Rule: Default Traffic
Destination: Any
Action: PassFloating Rule: Skip Default
Interface: WAN1
Direction: OUT
Tagged: SKIP_DEFAULT
Action: RejectI want the "WAN2 Traffic" rule to use only WAN2 and the traffic should be rejected if WAN2 is down. This works fine. If WAN2 is down and WAN1 is up, pfSense recreates the "WAN 2 Traffic" rule with the default gateway (WAN1) and the floating rule blocks the traffic on WAN1.
However if WAN1 is down and WAN2 is up, the floating rule still triggers and rejects the traffic even though it is set only on interface WAN1. The firewall logs show that the floating rule interface was WAN2! Why is the floating rule suddenly matching WAN2 traffic when WAN1 is down? I worked around it by adding "Source Address: WAN1_Address" to the floating rule, but this should not be required.
Also, if both WAN1 and WAN2 are up, it works fine as the rule is not triggered for WAN2 traffic.</ports>
-
Have 'quick' set on the floating rule? It'll need to be.
-
Yes "Quick" is set. Even if it isn't, why would it trigger for an interface not even selected in the rule?
It's falsely triggering for WAN2 only when WAN1 is selected and WAN1 is down. As an experiment, it does not trigger if I select LAN as the interface and WAN1 is down.