OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: cyberganny on March 24, 2018, 11:50:51 pm
-
I set up my firewall as described in the documentation. I have 2 WAN gateways. My problem is that I am not able to access the "passive" gateway from inside the LAN. Access from outside works via both gateways. When I try to access the passive gateway (192.168.5.1) from inside, the traffic is always routed through the active (192.168.0.1) gateway.
See traceroute:
traceroute to 192.168.5.1 (192.168.5.1), 64 hops max, 52 byte packets
1 10.1.1.1 (10.1.1.1) 0.723 ms 0.384 ms 0.319 ms
2 192.168.0.1 (192.168.0.1) 0.959 ms 0.858 ms 0.859 ms
3 213-146-234-185.xxxx.de (213.146.234.185) 8.447 ms 4.396 ms 15.199 ms
4 ...
The routes to the passive gateway exist in the active routing table:
Internet:
Destination          Gateway        Flags   Netif   Expire
default              192.168.5.1    UGS     em2
google-public-dns-   192.168.5.1    UGHS    em2
google-public-dns-   192.168.0.1    UGHS    em1
10.1.1.0/24          link#1         U       em0
OPNsense             link#1         UHS     lo0
localhost            link#5         UH      lo0
192.168.0.0/24       link#2         U       em1
OPNsense             link#2         UHS     lo0
192.168.5.0/24       link#3         U       em2
OPNsense             link#3         UHS     lo0
Any ideas what I have to do so that I can reach my gateway?
Thanks in advance
-
That's how traceroute works. You always reach the next hop and then your rules won't match anymore. Better do a packet capture on the backup WAN to see if packets are leaving correctly.
-
This is not the answer to my question.
How can I access the gateway router on the passive MultiWAN side?
-
I'm quite sure you have your anti-lockout rules only for the Firewall1 IP, please double check.
-
Yes, this was it, now it runs.
Thanks