[SOLVED] Routing trouble with MultiWAN failover

[cyberganny]

I set up my firewall as discriped in the documentation. I have 2 WAN gateways. My problem is, that I am not able to access the "passive" gateway from inside the lan. Access from extern works via both gateways. When I try to access the passiv gateway (192.168.5.1) from internal, the traffic is always routed through the active (192.168.0.1) gateway.

See traceroute:

traceroute to 192.168.5.1 (192.168.5.1), 64 hops max, 52 byte packets
 1  10.1.1.1 (10.1.1.1)  0.723 ms  0.384 ms  0.319 ms
 2  192.168.0.1 (192.168.0.1)  0.959 ms  0.858 ms  0.859 ms
 3  213-146-234-185.xxxx.de (213.146.234.185)  8.447 ms  4.396 ms  15.199 ms
 4  ...

the routes to the passive gateway exist in the active routing table:

Internet:
Destination        Gateway            Flags     Netif Expire
default            192.168.5.1        UGS         em2
google-public-dns- 192.168.5.1        UGHS        em2
google-public-dns- 192.168.0.1        UGHS        em1
10.1.1.0/24        link#1             U           em0
OPNsense           link#1             UHS         lo0
localhost          link#5             UH          lo0
192.168.0.0/24     link#2             U           em1
OPNsense           link#2             UHS         lo0
192.168.5.0/24     link#3             U           em2
OPNsense           link#3             UHS         lo0

Any Ideas what I have to do, that I can reach my gateway?

Thanks in advance

[mimugmail]

That's how traceroute works. You reach always the next hop and then your rules wont match anymore. Better so a packet capture on backup WAN If packets are leaving correct.

[cyberganny]

This ist not the answer of my question.
How can I access the gateway router on the passiv MultiWAN side?

[mimugmail]

I'm quite sure you have your anti lockout rules only for Firewall1 IP, please double check

[cyberganny]

yes this was it, now it runs,
thanks