I have a dual wan (not through choice only legacy) , the issue is that
an openvpn connection needs to connect via the secondary wan connection
(192.168.9.1 ==> 192.168.9.2) which is not the default route for the
network see below (default route is 192.168.0.1 from pfsense).
Basically we need to connect through a node on the 182.168.111.0/24
network to access machines on this sub net.
HOW???
We can do this via mofiying the conf file directly but want to move to
an app interface environment and use pfSense entirely.
Hints would be greatly appreciated.
thanks
paul
the netwrok sample image
Michael Richardson wrote:
I've got a dual-wan setup and I want to cause traffic between an
internal machine, and external machine to occur over WAN2 (I could use
source or destination as criteria). Both public IPs would share a
gateway so I've put a NAT device on WAN2 and connected the modem to it
so now both WAN ports are on different subnets. (more)
With the appropriate LAN rule in place, traffic doesn't flow UNLESS I
start a packet capture on WAN2 (I found this while trying to
troubleshoot). Why would this be? Anyone got the time and know-how to
help me troubleshoot this?
Here’s my setup. Hope the art comes through decently. The reason for
the SpeedStream device is because otherwise both WAN interfaces would
have the same gateway IP and I read that is unacceptable for a
dual-wan config.
------------------------------------------------
| WAN 67.x.x.12 |---- Cable Modem1
| |
| “pfSense 1.2” |
| LAN 192.168.1.0 |
------------------------------------------------------------
| | | “SpeedStream 2601” for NAT |
| WAN2 192.168.0.2 |---------- | 192.168.0.1 |------ Cable Modem 2
------------------------------------------------
------------------------------------------------------------
I want to be sure that traffic FROM 192.168.1.22 or traffic TO
78.x.x.10 goes through WAN2 (I can use source, destination, or both).
Outbound NAT is set to Automatic and has only the default LAN rule in
place. I have added a LAN rule, but instead of trying to communicate
what it is and confirm it’s right, I think it would be faster if
someone could tell me what it should be (at least one of the options),
and I’ll just use that.
ANYthing else I haven’t mentioned, I likely don’t know about and need
pointed out.
Thanks in advance, and I’m loving 1.2. The upgrade was flawless.
Mike
--
-----------------------------------------------------------------------------------------------
GD Consulting srl
Via della Giustizia, 10/B
20125 Milano (MI) - Italy
Web: http://www.gdconsulting.it - Email: [EMAIL PROTECTED]
Tel: +39-02.6710.1331 - Fax: +39.02.6707.8798
Ai sensi del D.L. n. 196/2003 e successive modifiche/integrazioni le
informazioni contenute in questo messaggio di posta elettronica sono riservate
e per uso esclusivo del destinatario.
Qualsiasi pubblicazione, utilizzo o diffusione anche parziale dello stesso non può essere effettuata senza autorizzazione e potrebbe costituire un illecito penale. Qualora non siate tra i legittimi destinatari di questa e-mail Vi preghiamo cortesemente di cancellarla dal sistema dopo aver notificato al mittente, rispondendo alla comunicazione, l'errore da questi commesso. -----------------------------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
