On Mon, 2011-08-15 at 08:45 -0400, Jim Pingle wrote: > On 8/15/2011 5:11 AM, mayak-cq wrote: > > On Sat, 2011-08-13 at 11:34 +0200, mayak-cq wrote: > >> hi chris > >> > >> On Fri, 2011-08-12 at 17:00 -0400, Chris Buechler wrote: > > <snip> > > > > > >>> It does not, policy routing rules override the system routing table. > >> i just tried booting pfsense as a live cd, entered the minimum basic > >> information, ran tests, and wan interface route overrules my policy > >> route. this running in a vmware box, but i don't think that should > >> influence policy routing. > >> > >> i tested a lan rule that blocks a client, and that worked, and when i > >> changed back to "pass", the client uses wan interface default route in > >> stead of policy route. is there a way to query pfsense to show its > >> routing decision? > > > > i have installed vlans on the wan interface, and policy routing works as > > expected. > > It sounds like you were hitting this: > http://redmine.pfsense.org/issues/651 > > There is an issue with having two gateways on a single interface, moving > to vlans makes them land on separate interfaces, which is known to work > fine so long as they're on different subnets (or at least have different > gateways, but you could still have issues if they share a subnet).
hi jim, yep! that was it -- vlans and different subnets has taken care of the issue ... thanks :-) m --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
