On 2 dec. 2011, at 17:28, Carlo Blohm wrote: > Yeah...i figured it out. > > I had to set an LAN rule in the firewall, select the second router and had to > create the same rule for outbound nat with the second device ip. > > So firewall rule: > LAN -> source: 10.10.10.50-70 (specialComputer), Advanced: route DSL2 > > Outbound nat: > Source: 10.10.10.50-70 (specialComputer), Translation: 192.168.11.10 (DSL2) > > Both rules has to be in the first row but bevor the normal rules get in touch. >
That's the way I should do it too. > > But the problem with the gateway monitor still exists, in my case the "srcip" > of apinger is not the same as the "wan" address. So he can't ping anything, > because of the wrong "srcip", should be "192.168.11.10" but it's > "192.168.10.10". > Any ideas about that? > You can use for instance the nameservers of both ISP's as monitor system. Then for the target IP (nameserver) of DSL2 you can create a static route through DSL2 gateway. Nameserver of DSL2's ISP, does not need to be reachable through DSl1. Then the "scrip" is correct. Regards, Pim van Stam > Best regards > -- > carlo blohm | systemadministrator > > zweimaleins | werbeagentur gmbh > elbestrasse 28/29 | 12045 berlin > fon (030)61 10 86 -272 | fax -20 > > carlo.bl...@zweimaleins.de > www.zweimaleins.de > > Geschäftsführung: Alexander Stendel > Amtsgericht Charlottenburg | HRB: 112415 B > > > -----Ursprüngliche Nachricht----- > Von: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org] > Im Auftrag von Carlo Blohm > Gesendet: Freitag, 2. Dezember 2011 16:00 > An: List@lists.pfsense.org > Betreff: [pfSense] Virtual IP on WAN and there difficulties > > Hi there, > > i recently installed pfsense 2.0. > > My network config is > > DSL1(192.168.10.1) DSL2(192.168.11.1) > |________________________| > | > (WAN ) > (pfSense ) > ( LAN ) > | > [special computers] ......... [rest] > > > DSL1: > IP 192.168.10.1/24 > pfSense: 192.168.10.10 > > DSL2: > IP 192.168.11.1/24 > pfSense: 192.168.11.10 > > My problem is: I want to use DSL1 as normal internet connect und DSL2 for > special computers in my network. Lets say they have IPs like 10.10.10.50 - > 10.10.10.70. These special computers should go out on DSL2 to any host in the > internet. > > I tried to manage that. I set the manual outbound nat (DSL2 IP is an Virtual > IP alias on WAN, DSL1 is WAN and set two routes in routing tab) to use the > DSL2 for the special computers but it doesn't worked. > > These computers have not any internet in this configuration, so I guess the > outbound nat rule is active. > > I had to disable monitoring for DSL2 because in the "apinger.conf" there the > wrong "srcip". > > I tried to put a second default route with a higher metric, but that seems > not be possible. > > What else can I do? > Is my concept wrong or do I miss something? > > Any help would be appreciated. > > Best regards > > -- > carlo blohm | systemadministrator > > zweimaleins | werbeagentur gmbh > elbestrasse 28/29 | 12045 berlin > fon (030)61 10 86 -272 | fax -20 > > carlo.bl...@zweimaleins.de > www.zweimaleins.de > > Geschäftsführung: Alexander Stendel > Amtsgericht Charlottenburg | HRB: 112415 B > > > _______________________________________________ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list > > > _______________________________________________ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
