Topic: Question about policy based routing (Read 933 times)
diekos
Newbie
Posts: 3
Karma: 0
Question about policy based routing « on: April 10, 2022, 08:55:01 pm »
Hello!
I have a question about the Gateway / policy based routing options on the firewall.
When I have, for example, a LAN and GUEST network, and 2 WAN connections.
WAN1 has a gateway with priority 10, and WAN2 has a gateway with priority 20.
There is a gateway group which has WAN2 as tier 1, and WAN1 as tier 2.
LAN has an allow all rule with gateway set to "default".
GUEST has an allow all rule with gateway set to the gateway group mentioned above, so that GUEST will use WAN2 as default, and fall back to WAN1 when WAN2 is down.
GUEST can't ping LAN despite the allow all rule, but that is because it uses the gateway group, so that is expected.
What I find unexpected is that LAN can ping to the GUEST network and get a ping reply from a device in the GUEST network, despite the GUEST network using the gateway group.
How does the device on the GUEST network know the route back? Is this because there is some kind of connection tracking causing this?
Can someone help me understand how this works?
Thanks in advance!