A secure site login is failing with dual-WAN

  • We just set up a Dual-WAN configuration on pfSense 2.3.1. It broke a specific HTTPS website by randomly kicking users out of their sessions, or not letting them log in at all. When I disable one WAN, it starts working again.

    I assume it's because the site is tracking the session IP which changes because of the dual-WAN and kicks them off. Is there a way to route all traffic for the specific domain or IP through only one WAN?

    I want to maintain load balancing and failover for everything else.

  • Create a failover group and a load balancer group. Have a rule matching HTTPS with a failover gateway before the rule with a balancer gateway.
    You could also try the sticky option, but I haven't played with that in a long time.
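
The rule ordering suggested above, modelled as an added example (not part of the original thread and not pfSense code): first-match rule evaluation with a tiered failover group placed ahead of a same-tier balancer group. The WAN names, public IPs and site address are constructed sample values.

```python
import itertools

# Constructed sample data: WAN names, public IPs and the site address are assumptions.
WAN_IP = {"WAN1": "198.51.100.10", "WAN2": "203.0.113.20"}
SITE = "192.0.2.80"

class GatewayGroup:
    """Gateway group: members on the lowest tier that is up share the traffic."""
    def __init__(self, tiers):
        self.tiers = tiers            # {wan_name: tier}
        self._rr = itertools.count()  # round-robin counter

    def pick(self, up):
        live = {w: t for w, t in self.tiers.items() if w in up}
        if not live:
            return None
        best = min(live.values())
        members = sorted(w for w, t in live.items() if t == best)
        return members[next(self._rr) % len(members)]

def route(rules, dst, port, up):
    """First matching rule wins, as with top-down firewall rule evaluation."""
    for match_dst, match_port, group in rules:
        if match_dst in (dst, "any") and match_port in (port, "any"):
            return group.pick(up)
    return None

def source_ips_seen(rules, up, connections=6):
    """Public source IPs the site sees across several new HTTPS connections."""
    return {WAN_IP[route(rules, SITE, 443, up)] for _ in range(connections)}

def build_rules(pin_site):
    balancer = GatewayGroup({"WAN1": 1, "WAN2": 1})   # same tier: load balance
    failover = GatewayGroup({"WAN1": 1, "WAN2": 2})   # WAN2 only if WAN1 is down
    rules = [("any", "any", balancer)]
    if pin_site:
        rules.insert(0, (SITE, 443, failover))        # must sit above the balancer rule
    return rules

if __name__ == "__main__":
    both = {"WAN1", "WAN2"}
    print("balancer only:      ", source_ips_seen(build_rules(False), both))
    print("failover rule first:", source_ips_seen(build_rules(True), both))
    print("WAN1 down:          ", source_ips_seen(build_rules(True), {"WAN2"}))
```

With only the balancer rule the site sees two source addresses for one user, which is what a session bound to the client IP rejects; with the failover rule first it sees one address until WAN1 goes down.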

