How to assign one device to a specific gateway multiwan setup

Started by NeopegasusZeo, September 06, 2024, 09:45:36 PM

Hi everyone, I have been using OPNsense for a little more than a year. A couple of weeks ago I got a second ISP, so I am doing multi-WAN with load balancing.

I finally have everything working as it should, but one thing I can't find on the forum or in the docs is how to tell one device in my network to always use one gateway or interface, so not using the gateway group.

This is because the device needs to always be connected to WAN2 from ISP2. The rest works without any problem, so there is no need to do this for the rest.

Can someone point me to a tutorial or something?

Best regards
NeopegasusZeo

Quote from: NeopegasusZeo on September 06, 2024, 09:45:36 PM
I finally have everything working as it should, but one thing I can't find on the forum or in the docs is how to tell one device in my network to always use one gateway or interface, so not using the gateway group.

In the specific Firewall Rule(s), select the WAN2 gateway (Gateway option) to use Policy Based Routing; the rule(s) will now use WAN2 exclusively.

To attempt to state the above reply a bit more clearly.... create a new firewall rule, above the one that points to the gateway group, and specify your "one device" as the source and WAN2 as the gateway.

You could also create another gateway group where WAN2 is a higher tier than WAN[1], and use that in your new rule - that way your "one device" would still have (some) internet access if ISP1 goes out of service for any reason.

Quote from: dseven on September 07, 2024, 10:01:08 AM
To attempt to state the above reply a bit more clearly.... create a new firewall rule, above the one that points to the gateway group, and specify your "one device" as the source and WAN2 as the gateway.

You could also create another gateway group where WAN2 is a higher tier than WAN[1], and use that in your new rule - that way your "one device" would still have (some) internet access if ISP1 goes out of service for any reason.

Thanks for pinpointing it, I will check later. I did 3 rules (LAN rules) before, which are like this:
Rule 1:
Pass
Single network or host:
IP/24
Type: TCP/UDP
Port: DNS
Gateway: WAN2

Rule 2:
Pass
Single network or host:
IP/24
Type: any
Port: any
Gateway: WAN2

Rule 3:
Same as rule 2 but I've

When I activate those 3 rules, everything is using my gateway WAN2, which I don't want.

The device doesn't need internet from WAN1; if WAN2 is down, then it is also down.

The device is a media player from the ISP of WAN2, and sadly it needs to go through WAN2 to work.

But dseven, I think with what you pointed out to me, it looks like I only need to do the IP rules, not the DNS one?
Because as I said before, when I have all 3, the load balancing goes totally crazy.

Best regards

NeopegasusZeo

I think you're making a mistake that seems to be quite common - in fact I'm thinking about logging an issue to suggest that OPNsense not allow it...

When specifying a single host for a firewall rule, do not use a /24 subnet mask! Use the "Single host" option and the IP address with no subnet mask, or if you must specify a subnet mask, use /32 - otherwise your rule will apply to the entire subnet, not just the individual host.

I always use aliases for things like this - the alias GUI has separate options for Host(s) and Network(s). Unfortunately the rule GUI combines them as "Single host or Network", and seems to default to a /24 netmask, so it's rather encouraging the error. I'm still formulating an enhancement request ;)
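The /24 versus /32 point and the rule-order point from the replies above, as an added example that is not part of the original posts and is not OPNsense code. It is a simplified model of top-down, first-match rule evaluation that only looks at source and gateway; the addresses and the gateway group name WAN_GROUP are constructed for illustration.

```python
import ipaddress

# Constructed sample addresses (not from the thread).
MEDIA_PLAYER = "192.168.1.50"
OTHER_CLIENT = "192.168.1.77"
LAN_NET = "192.168.1.0/24"


def source_net(source):
    """Return the network a rule source really covers.

    strict=False keeps the host bits from raising an error, which shows
    that "192.168.1.50/24" means the whole 192.168.1.0/24 subnet.
    """
    return ipaddress.ip_network(source, strict=False)


def pick_gateway(rules, client_ip):
    """First matching rule wins, evaluated top-down (simplified model)."""
    ip = ipaddress.ip_address(client_ip)
    for source, gateway in rules:
        if ip in source_net(source):
            return gateway
    return None  # no rule matched


def device_rule_first(device_source):
    """Device rule above the load-balancing rule, as advised in the thread."""
    return [(device_source, "WAN2"), (LAN_NET, "WAN_GROUP")]


def device_rule_last(device_source):
    """Device rule below the load-balancing rule: it is never reached."""
    return [(LAN_NET, "WAN_GROUP"), (device_source, "WAN2")]


if __name__ == "__main__":
    for label, rules in [
        ("/24 source, rule on top", device_rule_first(MEDIA_PLAYER + "/24")),
        ("/32 source, rule on top", device_rule_first(MEDIA_PLAYER + "/32")),
        ("/32 source, rule at bottom", device_rule_last(MEDIA_PLAYER + "/32")),
    ]:
        print(label)
        for host in (MEDIA_PLAYER, OTHER_CLIENT):
            print("  ", host, "->", pick_gateway(rules, host))
```
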

Quote from: dseven on September 07, 2024, 10:39:53 AM
I think you're making a mistake that seems to be quite common - in fact I'm thinking about logging an issue to suggest that OPNsense not allow it...

When specifying a single host for a firewall rule, do not use a /24 subnet mask! Use the "Single host" option and the IP address with no subnet mask, or if you must specify a subnet mask, use /32 - otherwise your rule will apply to the entire subnet, not just the individual host.

I was feeling that, but I am not good with IP addresses, so I left it as advised (default), which is the IP/24; there is no option for only the IP.
As soon as I am home I will adjust the rules with the /32, and what do I use on ipad? There is 64 I guess, 86 or so?

But it seems no one else had this problem before, as I couldn't find any of this on the forum or in the docs.
As I said before, I have been using OPNsense for a year and never needed to make a post because I always found my solution, but this looks like it is new.

Thanks a lot, I will send my results soon.

Best regards

NeopegasusZeo.

Quote from: dseven on September 07, 2024, 10:39:53 AM
I think you're making a mistake that seems to be quite common - in fact I'm thinking about logging an issue to suggest that OPNsense not allow it...

When specifying a single host for a firewall rule, do not use a /24 subnet mask! Use the "Single host" option and the IP address with no subnet mask, or if you must specify a subnet mask, use /32 - otherwise your rule will apply to the entire subnet, not just the individual host.

🤔 I used an alias for my gaming bros to log in to my gaming server, didn't think about that one 🤔🤔.
Because I have one gaming alias, and in there I put all the IP addresses that need to get to the server; that makes it easy to manage.
I will maybe try that!

Thanks again

Quote from: dseven on September 07, 2024, 10:46:37 AM
I always use aliases for things like this - the alias GUI has separate options for Host(s) and Network(s). Unfortunately the rule GUI combines them as "Single host or Network", and seems to default to a /24 netmask, so it's rather encouraging the error. I'm still formulating an enhancement request ;)

OK, it's working 8)
I made the alias, then I put the alias in the 3 rules I made.
After that I needed to put them, especially the DNS one, right on top of the ones you make for your multi-WAN (from the docs).
After all of this, voilà, it works.

Thanks to everyone that helped!!
And I hope this helps someone else in the future!!!

Best regards
NeopegasusZeo