Sorry for the earlier email... Gmail keyboard shortcuts got the better of me. I'm sorry.
On 10/19/06, Bill Marquette <[EMAIL PROTECTED]> wrote:
We don't. This is the same issue you asked about months ago in regards to squid and ftp-proxy.
Thanks Bill! Your memory seems better than my own!! :-)

Btw, I noticed the following behaviour: I have default route set through $WAN1 and I have NAT > Outbound > Enable IPSec passthru enabled.

From the pfSense box, I can "ping -S $WAN2_IP google.com" and it works. If I disconnect the link upstream on $WAN2, my ping stops. Ping is indeed using WAN2. But if I use NAT > Outbound > Enable advanced outbound NAT, the above ping command stops working.

Enabling IPSec passthru produces the following NAT rules in /tmp/rules.debug for a dual WAN setup:

    nat on $WAN1 from 192.168.1.0/24 to any -> ($WAN1)
    nat on $WAN2 from 192.168.1.0/24 to any -> ($WAN2)
    nat on $WAN2 from 10.0.2.0/24 to any -> ($WAN2)
    nat on $WAN1 from 10.0.2.0/24 to any -> ($WAN1)

    WAN1: 10.0.1.2/24, GW: 10.0.1.1
    WAN2: 10.0.2.2/24, GW: 10.0.2.1

With these NAT rules, it looks like any packet with src of $wan2 IP gets sent through the $wan2 interface. Am I missing something? I can't understand why these NAT rules work as expected. I appreciate any pointers.

Thanks for any help!

- Raja
