Multi WAN and VLAN traffic



  • Hi all,
    I have 5 VLANs set up in the office.
    I also have 2 WANs.
    When I configured WAN failover with Gateway Groups and added firewall rules to the VLAN to route traffic to the new group, my failover setup works, but I can no longer access machines on the other VLANs.

    Can anyone give me a tip on how to accomplish this?
    TIA



  • Normally these are two different things. The VLANs are a two-ended solution, starting at the switch and then
    ending at the LAN port of your pfSense, that's it. And then the second part is the WAN setup, where these
    VLANs should not be in the game.

    Set up your LAN part and then your WAN part and don't mix them together.



  • Thanks Frank for your reply.
    I assume my VLANs are configured correctly.
    I have three NICs on the pfSense machine (WAN1, WAN2, LAN), and I have the VLANs configured on the Cisco switch with matching VLAN interfaces added to pfSense. I can see the VLAN tagging in the packet logs, etc.

    As soon as I route the traffic to WAN groups as opposed to a specific WAN, my ping tests fail.



  • I assume my VLANs are configured correctly.

    OK, tagged ports from the router to the switch and 3 VLANs added should not really be the problem,
    but if pfSense is routing between the VLANs, are there any firewall rules and/or restrictions?

    I have three NICs on the pfSense machine (WAN1, WAN2, LAN), and I have the VLANs configured on the Cisco switch with matching VLAN interfaces added to pfSense. I can see the VLAN tagging in the packet logs, etc.

    As soon as I route the traffic to WAN groups as opposed to a specific WAN, my ping tests fail.

    Multi-WAN [dual] and policy-based routing with failover would perhaps be interesting for you, to see how to do it right.
    Load balancing and failover with dual WAN.



  • Thanks once again Frank.
    I ended up adding a specific firewall rule permitting traffic from VLAN-x to VLAN-x and moved it above the Failover Gateway Group rule.
    Worked sweet.
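
The rule-order behaviour this thread arrives at, as an added example that is not part of any post: a small first-match evaluator showing why a pass rule with a gateway group set sends inter-VLAN traffic out the WAN, and why a gateway-less rule placed above it restores local routing. The subnets, rule names and the simplified rule model are constructed assumptions, not the poster's configuration.

```python
# Added example: first-match evaluation of pfSense-style interface rules.
# Subnets, names and the rule model are constructed for illustration.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Rule:
    descr: str
    src: str                        # source CIDR
    dst: str                        # destination CIDR; 0.0.0.0/0 means any
    gateway: Optional[str] = None   # None = follow the normal routing table

# Constructed routing table: directly connected VLAN subnets.
CONNECTED = {"VLAN10": "10.0.10.0/24", "VLAN20": "10.0.20.0/24"}

def egress(rules, src, dst):
    """Return (description of the matching rule, where the packet is sent)."""
    s, d = ip_address(src), ip_address(dst)
    for r in rules:                          # first match wins
        if s in ip_network(r.src) and d in ip_network(r.dst):
            if r.gateway:                    # policy routing bypasses the routing table
                return r.descr, r.gateway
            for ifname, net in CONNECTED.items():
                if d in ip_network(net):     # local subnet: routed between VLANs
                    return r.descr, ifname
            return r.descr, "default gateway"
    return "default deny", "dropped"

failover = Rule("failover group", "10.0.10.0/24", "0.0.0.0/0", "WAN_FAILOVER")
inter_vlan = Rule("VLAN10 to local VLANs", "10.0.10.0/24", "10.0.0.0/16")

before = [failover]              # only the gateway-group rule
after = [inter_vlan, failover]   # local rule moved above it

if __name__ == "__main__":
    for name, rules in (("before", before), ("after", after)):
        for dst in ("10.0.20.5", "203.0.113.9"):
            print(name, dst, egress(rules, "10.0.10.7", dst))
```

Placing the local rule below the gateway-group rule has no effect, because the gateway-group rule matches any destination first.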

