On Wed, Jun 17, 2009 at 2:47 PM, JJB <onephat...@earthlink.net> wrote:
> We've tried this 10 different ways, so far it has not worked.
>
> Current Config is two pfsense 1.22 firewalls with CARP two WAN connections
> (not load balanced or failover) (covad & att), with a DMZ interface where
> our mail and other internet servers live.
>
> I want the mail server to only make SMTP connections using the AT&T
> interface, but it defaults to using the WAN interface (on the Covad). We
> route all generic traffic over the covad 10mb wan link (the default) and for
> server-to-server traffic (such as Iron Mountain backups) we route to a
> specific ip block or address over the AT&T interface.
>
> It is obvious how to do this with a static route when you have a specific
> address or block to communicate with, but to say "all traffic 'from this DMZ
> address to anywhere' should be transmitted via the AT&T link" is not
> working.

You should really never use static routes with multi-WAN, other than directing traffic initiated by the firewall (which should only be your DNS servers). Make sure your rules are in the right order, first match wins.