OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: ctr on March 14, 2020, 09:08:59 pm

Title: policy based routing for locally originated traffic
Post by: ctr on March 14, 2020, 09:08:59 pm
I'm having some problems implementing PBR for traffic originating from OPNsense itself.
My goal is to build two VPN tunnels (WireGuard) via two different links, but to the same destination IP. The decision-making criterion for which path to choose shall be the (source or destination) port.
It already starts strangely: if I create two gateways (one for each path) and a static (host) route on each gateway, only one is inserted into the kernel, strangely the one that is on the gateway with the *higher* priority, although it reads "lower means more important". I assume this is only the case for the default gateway, but how can I set the metric then?

When trying to divert traffic to a specific port (again, originated on the firewall itself), I can't find a working combination. Which firewall / NAT rule am I supposed to enter for traffic that originates from the FW?
If I put it on the interface where it would leave as per the route, the PBR routing works, but it is going out with the wrong source IP in that case...

Title: Re: policy based routing for locally originated traffic
Post by: mimugmail on March 14, 2020, 09:11:47 pm
AFAIK, PBR for local traffic is not possible with BSD.