Hello,

We have 2 ISPs: one is connected to us over ethernet and is not in any gateway group; the other ISP is over 3 DSL modems, which I have configured into a gateway group. I have created a policy route under the firewall rules section. It is using an alias for the destination; the alias is a list of networks. This policy-route states 'if any traffic is heading to any of the networks defined in the alias, use the DSL gateway group. All other traffic goes down the ethernet gateway.'

This works as expected from any host on the inside network, but not from the firewall itself. Typically this wouldn't be a problem, but because I am using the squid proxy service on the box, all HTTP traffic from squid appears to be 'bypassing' the rule and using the wrong gateway.

I made the policy-route rule a floating one and it worked from inside perfectly. After seeing the above issue, I also applied it to the external and internal interfaces without any change in behavior. I clear the states each attempt.

Any idea what I might do to have the box itself obey the policy route on any locally generated traffic?

Running version 2.0-REL.

Path from pfsense host:

    1. 10.101.101.101 <<<<<<< ethernet router for primary isp, wrong route for network.
    2. 91-125-16-34.ip.tor.net
    3. 172.30.222.6
    4. gw-google.torontointernetxchange.net
    5. 216.239.47.114
    6. 64.233.175.132
    7. yyz06s06-in-f6.1e100.net

Path from internal host:

    1. foundry-sx1600-01.studio.local
    2. dsl01.studio.local <<<<<<<<<<-----DSL modem, correct path for target network.
    3. 66.49.167.125
    4. 66.49.255.153
    5. 66.49.255.246
    6. gw-google.torontointernetxchange.net
    7. 216.239.47.114
    8. 64.233.175.132
    9. yyz06s06-in-f6.1e100.net

Thanks for your time,
greg
