You'll need a rule for the remote networks that bypasses the load balance rule and just uses the default gateway. The way we have load balancing working with multiple wans bypasses the kernel routing table.
--Bill

On 6/9/06, Bo Rasmussen <[EMAIL PROTECTED]> wrote:

Hello all,

We have set up one pfSense firewall, which has 2 WANs, 3 DMZs and a LAN. I have enabled IPsec and mobile clients on the firewall, and that works swell. I have not enabled advanced outbound NAT, and the IPsec passthrough option is enabled.

The problem is that we have 3 computers behind the firewall which each have a software VPN client installed. When they try to connect to a remote VPN concentrator, the first computer will get through, but all the others will just wait to connect.

I have done some tcpdumping on the different interfaces, and it seems that when the second computer tries to make a VPN connection, the firewall will leak the private IP address of the second computer onto the WAN. But the first computer will just go through fine and make a connection to the remote VPN concentrator.

I have been using OpenBSD and pf before with exactly the same setup, with no trouble at all. So I was wondering what could be wrong. Anyone with some ideas?

Kind regards,
Bo Rising Rasmussen
security consultant / CISSP / MCP
[EMAIL PROTECTED]

cadesign
rosensgade 26
8000 århus c
tel +45 8730 0000
fax +45 8620 5484
dir +45 8620 5492
www.cadesign.dk

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]