Simple Routing setup is killing me!

Started by skipper1, July 19, 2016, 12:35:04 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 19, 2016, 12:35:04 PM Last Edit: July 19, 2016, 10:56:10 PM by skipper1
For the life of me I cant get this to work.  I can do it with a cisco.  I can even do it in windows.  Hopefully someone can help me figure out what im missing so i can do it with opnsense.

topology

gateway1                                              gateway2
192.168.1.1 255.255.255.0            192.168.1.2 255.255.255.0

                     opnsense
                     wan 192.168.1.3 255.255.255.0
                     nat
                     lan 10.0.3.1 255.255.255.0


Ok so here is the problem is i want all lan traffic to go out gateway1 except a certain subnet.  I can get all of it to go out gateway 1 with no issues at all.  However I cannot get a static route for a certain subnet to go out gateway two.

I have gateway1 setup as my upstream gateway in my wan interfaces settings. 
I have both gateways defined in system gateways. 
Under routes I defined the subnet and pointed it towards gateway 2.

Hopefully someone can tell me what im missing.
July 19, 2016, 05:17:57 PM #1
Hmm.. which LAN segment needs to use GW2? I only see one LAN (10.0.3.0).
July 19, 2016, 10:37:58 PM #2
the lan segment is the 10.0.3.0.  It needs to utilize both gateways. Think of the gateways as two external cisco routers.

I need 0.0.0.0 0.0.0.0 all traffic to route through one gateway1  and lets say 10.10.10.0/24 to route through gateway 2.

July 19, 2016, 10:41:23 PM #3
Since you wrote pfsense, are you expecting us to help you with your pfSense setup or are you mistyping here?
Hobbyist at home, sysadmin at work. Sometimes the first is mixed with the second.
July 19, 2016, 10:50:05 PM #4
doh good catch.  Fixed the name. Its Definitely opnsense ;).  Old habits.
July 19, 2016, 11:05:11 PM #5
:-) You wouldn't be the first one...
Hobbyist at home, sysadmin at work. Sometimes the first is mixed with the second.
July 19, 2016, 11:18:33 PM #6
Quote from: skipper1 on July 19, 2016, 10:37:58 PM
the lan segment is the 10.0.3.0.

So there are _no_ separated subnets on LAN side. There is one segment and all routes default to 10.0.3.1 for that segment.

Quote
  It needs to utilize both gateways. Think of the gateways as two external cisco routers.

I need 0.0.0.0 0.0.0.0 all traffic to route through one gateway1  and lets say 10.10.10.0/24 to route through gateway 2.

Where does 10.10.10.0/24 come from? Is that the target network via gw2 or a network inside 10.0.3.0/24?
July 20, 2016, 12:51:28 AM #7
No separate subnets on the lan side.  Just the one.

The 10.10.10.0/24 is a target network available through gw2

July 20, 2016, 02:42:53 AM #8
Ok, so you want to route all traffic to 10.10.10.0/24 via gw2 and the rest via gw1? This is called policy based routing. You add a rule on the incoming LAN side and define the to be used gateway there. So if a paket's destination is 10.10.10.0/24 you just select gw2 as gateway for such traffic. Not matching traffic will be routed via the system's default gateway.
Keep in mind that policy based routing will put some load on the machine. So if routing gigabit lines, you will see some digression..
Print
Go Up Pages1
User actions