Re: [pfSense] Dual wan issues
On 2012-02-03 11:56, - Dickie Bradford - wrote: On 1/1/2012 8:11 PM, - Dickie Bradford - wrote: On 12/28/2011 1:55 AM, bruno.deb...@cyberoso.com wrote: Le Tue, 27 Dec 2011 22:53:15 -0500, - Dickie Bradford -dbradf...@never-enuff.net a écrit : I am currently running dual wans to help with traffic load, I have sticky connections and allow default gateway switching checked, My wans are both setup as tier1 in gateway groups and my rules allow outbound traffic out via that group. This has been working pretty well except for a hand full of websites that just behave odd, ( 1 off hand: Vonage) when I log in and when I go to check my voicemail on line, it makes me login again, it seems like it looses its session. I have made a work around rule the for the few particular sites i know of, I just send all their traffic out a single gateway and this works fine and normal, but may get to be a pain if I have to do it to my other dual wan systems. Is there anything else I could look for or do to remedy this? Thnx Dickie I did have the same problem. On https sites, authentication randomly goes away. As a workaround, I had to force one box as the gateway for https traffic (which is allmost only for these sites in my case anyway) Seems sticky connections does not work on https? Maybe a limitation of the built-in package responsiable for server load balancing (relayd). The haproxy package may be an alternative. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Dual wan issues
On 3/2/12 4:56 pm, - Dickie Bradford - wrote: Does anyone know why sticky connections do not work on https ? Is it possible that although the url is the same, the IP address behind it fluctuates. As I understand things, the 'sticky connections' option is by IP (i.e. layer 3) rather than by url (layer 7). Kind regards, Chris -- This email is made from 100% recycled electrons ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Dual wan issues
On 12/28/2011 1:55 AM, bruno.deb...@cyberoso.com wrote: Le Tue, 27 Dec 2011 22:53:15 -0500, - Dickie Bradford -dbradf...@never-enuff.net a écrit : I am currently running dual wans to help with traffic load, I have sticky connections and allow default gateway switching checked, My wans are both setup as tier1 in gateway groups and my rules allow outbound traffic out via that group. This has been working pretty well except for a hand full of websites that just behave odd, ( 1 off hand: Vonage) when I log in and when I go to check my voicemail on line, it makes me login again, it seems like it looses its session. I have made a work around rule the for the few particular sites i know of, I just send all their traffic out a single gateway and this works fine and normal, but may get to be a pain if I have to do it to my other dual wan systems. Is there anything else I could look for or do to remedy this? Thnx Dickie I did have the same problem. On https sites, authentication randomly goes away. As a workaround, I had to force one box as the gateway for https traffic (which is allmost only for these sites in my case anyway) Seems sticky connections does not work on https? Would be great to have some feedback on that. Bruno ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list I went back and checked, mine are all https as well. -- Dickie Bradford Never-Enuff Internet ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] Dual wan issues
I am currently running dual wans to help with traffic load, I have sticky connections and allow default gateway switching checked, My wans are both setup as tier1 in gateway groups and my rules allow outbound traffic out via that group. This has been working pretty well except for a hand full of websites that just behave odd, ( 1 off hand: Vonage) when I log in and when I go to check my voicemail on line, it makes me login again, it seems like it looses its session. I have made a work around rule the for the few particular sites i know of, I just send all their traffic out a single gateway and this works fine and normal, but may get to be a pain if I have to do it to my other dual wan systems. Is there anything else I could look for or do to remedy this? Thnx Dickie -- Dickie Bradford Never-Enuff Internet D12 Networks P.O.Box 426 Colver, Pa 15927-0426 http://www.Never-Enuff.net http://www.D12Networks.com Toll Free: 1-800-647-3145 Local: 814-569-1934 The man who sais it cannot be done, should not interupt the man who is trying to do it! ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list