On 8/15/2011 5:11 AM, mayak-cq wrote: > On Sat, 2011-08-13 at 11:34 +0200, mayak-cq wrote: >> hi chris >> >> On Fri, 2011-08-12 at 17:00 -0400, Chris Buechler wrote: > <snip> > > >>> It does not, policy routing rules override the system routing table. >> i just tried booting pfsense as a live cd, entered the minimum basic >> information, ran tests, and wan interface route overrules my policy >> route. this running in a vmware box, but i don't think that should >> influence policy routing. >> >> i tested a lan rule that blocks a client, and that worked, and when i >> changed back to "pass", the client uses wan interface default route in >> stead of policy route. is there a way to query pfsense to show its >> routing decision? > > i have installed vlans on the wan interface, and policy routing works as > expected.
It sounds like you were hitting this: http://redmine.pfsense.org/issues/651 There is an issue with having two gateways on a single interface, moving to vlans makes them land on separate interfaces, which is known to work fine so long as they're on different subnets (or at least have different gateways, but you could still have issues if they share a subnet). Jim --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
