Topic: Unable to receive Connection through WAN2 (Read 4023 times)
Simon
Newbie
Posts: 19
Karma: 1
Unable to receive Connection through WAN2
« on: April 26, 2019, 11:46:14 pm »
I have 1 LAN connection and 2 WAN connections (design for failover / load balancing)
Default gateway is not set on either WAN
I can receive the connection via port forwarding on WAN 1 to the web server (port 80)
However, with the same setting on WAN 2 (with the same port forwarding) it won't connect.
I have been working on this for a week now and changed every setting I can think of, but no luck
I need this working where either WAN connection in goes to the same server via the LAN interface
for load balancing, I have checked logs and on WAN2 when the connection comes in it shows as
orange with rdr (I assume that means port forward redirect)
It's not FQDN or DNS or web server binding
I am getting to the end of things to try, really need any help I can get
Appreciated
Help!
Logged
hbc
Hero Member
Posts: 501
Karma: 47
Re: Unable to receive Connection through WAN2
« Reply #1 on: April 27, 2019, 08:11:12 am »
Two different ISPs? Static IPs? How do you balance incoming traffic? Dynamic routing protocols or round-robin DNS for your webserver?
You have to ask yourself how traffic should know that WAN2 should be used.
Logged
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR
Simon
Newbie
Posts: 19
Karma: 1
Re: Unable to receive Connection through WAN2
« Reply #2 on: April 27, 2019, 02:14:06 pm »
hbc,
Thanks for your reply
The 2 WAN IPs are from different providers; they are both static
for example
WAN IP 1 = 50.50.50.50
WAN IP 2 = 60.60.60.60
50.50.50.50:80 connects fine (forwards on to the server)
60.60.60.60:80 doesn't connect (doesn't forward)
Even though both WAN port forwards are set up the same
Logged
hbc
Hero Member
Posts: 501
Karma: 47
Re: Unable to receive Connection through WAN2
« Reply #3 on: April 27, 2019, 02:17:03 pm »
And the traffic is received on WAN2 if you connect to 60.60.60.60:80? tcpdump on interface to confirm.
Logged
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR
Simon
Newbie
Posts: 19
Karma: 1
Re: Unable to receive Connection through WAN2
« Reply #4 on: April 27, 2019, 02:27:50 pm »
Thank you
Yes,
I get a log entry with an rdr reference (I assume that means redirect / port forward)
Logged
Simon
Newbie
Posts: 19
Karma: 1
Re: Unable to receive Connection through WAN2
« Reply #5 on: April 29, 2019, 11:23:11 am »
I think I figured out why this is happening, though I can't figure out how to fix it
As I see it, any data coming in on WAN 1 routes back out on WAN 1
However, I think any data coming in on WAN 2 does hit the server but the firewall tries to
route it back out via WAN 1
How do I fix this?
Many Thanks
Logged
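One way to test the hypothesis in the post above with the per-interface tcpdump captures suggested in Reply #3, as an added example that is not part of the original thread. The interface names `igb0`/`igb1`, the client address 203.0.113.7 and every capture line are constructed for illustration; only the two WAN addresses come from the thread. The script pairs each inbound SYN with the interface on which its SYN-ACK was seen leaving.

```python
import re

# Constructed `tcpdump -n` style lines, keyed by the interface they were captured on.
# igb0/igb1 and the client 203.0.113.7 are assumptions, not values from the thread.
CAPTURES = {
    "igb0": [  # WAN1, 50.50.50.50
        "14:02:10.100000 IP 203.0.113.7.51000 > 50.50.50.50.80: Flags [S], seq 100, win 64240, length 0",
        "14:02:10.100400 IP 50.50.50.50.80 > 203.0.113.7.51000: Flags [S.], seq 900, ack 101, win 65535, length 0",
        "14:02:11.200500 IP 60.60.60.60.80 > 203.0.113.7.51514: Flags [S.], seq 700, ack 301, win 65535, length 0",
    ],
    "igb1": [  # WAN2, 60.60.60.60
        "14:02:11.200000 IP 203.0.113.7.51514 > 60.60.60.60.80: Flags [S], seq 300, win 64240, length 0",
        "14:02:12.200000 IP 203.0.113.7.51514 > 60.60.60.60.80: Flags [S], seq 300, win 64240, length 0",
    ],
}
WAN_IP = {"igb0": "50.50.50.50", "igb1": "60.60.60.60"}

LINE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[([^\]]+)\]")

def parse(captures):
    """Yield (iface, src, sport, dst, dport, flags) for every TCP line that parses."""
    for iface, lines in captures.items():
        for line in lines:
            m = LINE.search(line)
            if m:
                src, sport, dst, dport, flags = m.groups()
                yield iface, src, int(sport), dst, int(dport), flags

def return_paths(captures, wan_ip):
    """Map each inbound SYN flow to (ingress iface, iface its SYN-ACK left on or None)."""
    pkts = list(parse(captures))
    # SYN-ACKs indexed by the flow they answer: (client, client port, WAN IP, WAN port)
    synacks = {(dst, dport, src, sport): iface
               for iface, src, sport, dst, dport, flags in pkts if flags == "S."}
    result = {}
    for iface, src, sport, dst, dport, flags in pkts:
        if flags == "S" and dst == wan_ip.get(iface):
            flow = (src, sport, dst, dport)
            result[flow] = (iface, synacks.get(flow))
    return result

def asymmetric(captures, wan_ip):
    """Flows whose reply was seen on a different interface than the request."""
    return {f: p for f, p in return_paths(captures, wan_ip).items()
            if p[1] is not None and p[1] != p[0]}

if __name__ == "__main__":
    for flow, (came_in, went_out) in return_paths(CAPTURES, WAN_IP).items():
        print(flow, "in:", came_in, "out:", went_out)
```

A flow reported with different ingress and egress interfaces matches the behaviour the poster suspects; a flow with no SYN-ACK on any interface points at the forward rule or the server instead.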
Simon
Newbie
Posts: 19
Karma: 1
Re: Unable to receive Connection through WAN2
« Reply #6 on: May 01, 2019, 11:16:04 am »
Has anyone any ideas or solutions?
I have been working on this for over 2 weeks now
I need it to connect and flow back out of the WAN it connected in to
The connection could connect to either WAN at any time
I have a Draytek 2925 Dual WAN which works perfectly under these same conditions, both WAN ports connect
I don't really want to replace OPNsense with the Draytek as OPNsense offers so much more.
Many Thanks
Logged
Simon
Newbie
Posts: 19
Karma: 1
Re: Unable to receive Connection through WAN2
« Reply #7 on: May 01, 2019, 11:48:05 am »
Further update
If I set WAN2 as default gateway, then it works, but WAN1 then stops working
So I am back at square one, how do I get them both to work ?
A connection could come in from either WAN
Logged
hbc
Hero Member
Posts: 501
Karma: 47
Re: Unable to receive Connection through WAN2
« Reply #8 on: May 01, 2019, 05:14:41 pm »
Did you check the guides about multiWAN? I think you need gateway groups and have to define priorities.
Logged
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR
Simon
Newbie
Posts: 19
Karma: 1
Re: Unable to receive Connection through WAN2
« Reply #9 on: May 02, 2019, 05:47:16 pm »
hbc,
Thanks for getting back to me,
Yes, I have checked those and created the appropriate groups and balances
I have reinstalled 3 times, and tried every item I can find, every single configuration
You must be able to do this, otherwise there is no point to multi WAN pointing to a single LAN
The issue is for inbound connections only
Logged
Simon
Newbie
Posts: 19
Karma: 1
Re: Unable to receive Connection through WAN2
« Reply #10 on: May 30, 2019, 03:09:56 pm »
After 2 months, and every possible permutation and queries on the forum, I have given up
and concluded that inbound load balancing on multiple active WANs doesn't work,
OPNsense uses the default gateway method, e.g. it can only be received on that gateway
until that gateway fails and then the gateway switches to the other WAN, upon which
the WAN2 receives OK. So you can have both, but only one at a time.
I have replaced the entire setup with a Draytek 2925 Security Router, which works
perfectly across 3 WAN connections, inbound load balancing and failover.
I would much prefer OPNsense, as the actual firewall is much better
Logged
hbc
Hero Member
Posts: 501
Karma: 47
Re: Unable to receive Connection through WAN2
« Reply #11 on: May 30, 2019, 05:02:42 pm »
Quote
I would much prefer OPNsense, as the actual firewall is much better
Better stay with Draytek. I have the impression it is the better system for your use cases.
https://forum.opnsense.org/index.php?topic=12705.msg59840#msg59840
Logged
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR