Welcome, Guest. Please login or register.
Did you miss your activation email?
+  pfSense Forum
|-+  pfSense English Support» Routing and Multi WAN» Problem accessing some websites with multi wan enabled
Username:
Password:
 
Home Help Search Login Register
 

Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Problem accessing some websites with multi wan enabled  (Read 943 times)
0 Members and 1 Guest are viewing this topic.
Ozzik
Full Member
***
Offline Offline

Posts: 102


View Profile
« on: December 01, 2010, 02:44:14 am »
Hi,
probably this issue has already been discussed, but I couldn't find it.
Since sticky connections don't really work (at least in 1.2.3) I was wondering how can I access some websites while in Multi Wan.
Such sites include ebay, technet.microsoft, newegg. Just to clarify - I'm not talking about HTTPS, just regular HTTP.
When I try accessing them - they never end loading. I tried creating an alias for such websites and then directing them all to go through a particular gateway. This way it seems to work. But of course it's not very realistic - adding all the IPs of such huge websites.
Is there a solution for this issue? I'm sure lots of people experiencing this.

I'm aware of the solution, when each LAN subnet can be routed through a different gateway, but it's not very realistic for me today.

And another question, is there a way to add a hostname to an alias instead of an IP? (so that the firewall would do the resolving).

Thanks.
Logged
Perry
Hero Member
*****
Offline Offline

Posts: 1152



View Profile
« Reply #1 on: December 01, 2010, 05:43:59 am »
I use failover pools as I don't see the point for using loadbalancing pools unless a download manager is in play.
I've created two failover pools (WAN2 has a faster download than WAN)
WAN2FailsToWAN Using a port alias with http https etc. (80, 443, 6667, 1935, 25, 143, 465, 993, 587)
WANFailsToWAN2 Doing everything else.

Quote
And another question, is there a way to add a hostname to an alias instead of an IP? (so that the firewall would do the resolving).
Nope
Logged
/Perry
doc.pfsense.org
Ozzik
Full Member
***
Offline Offline

Posts: 102


View Profile
« Reply #2 on: December 01, 2010, 06:12:45 am »
OK, I know it's an option, but most of the traffic at my office is HTTP and HTTPS. We have 3 x 10Mb lines and I'd like to use all of them, as we have about a 100 users surfing the net all day long.
Logged
Perry
Hero Member
*****
Offline Offline

Posts: 1152



View Profile
« Reply #3 on: December 01, 2010, 07:08:20 am »
Let's say there is 20 users in 5 subnet's. I would split those 20 users in a subnet to 3 groups

Subnet 1:
User range 192.168.1.2-6 with a destination port alias (http and https) gateway WAN2FailsToWAN
User range 192.168.1.7-16 with a destination port alias (http and https) gateway WAN3FailsToWAN
User range 192.168.1.17-21 with a destination port alias (http and https) gateway WAN2FailsToWAN
WANFailsToWAN3 Doing everything else

Subnet 2:
User range 192.168.2.2-6 with a destination port alias (http and https) gateway WAN3FailsToWAN
User range 192.168.2.7-16 with a destination port alias (http and https) gateway WAN2FailsToWAN
User range 192.168.2.17-21 with a destination port alias (http and https) gateway WAN3FailsToWAN
WANFailsToWAN2 Doing everything else
Logged
/Perry
doc.pfsense.org
Ozzik
Full Member
***
Offline Offline

Posts: 102


View Profile
« Reply #4 on: December 01, 2010, 07:38:27 am »
I see. I was hoping for something more automatic, but I guess I'll have to wait for 2.0 and pray that sticky connection will work there. Anyway, thanks a lot! I'll keep that in mind.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

 

Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Page created in 0.027 seconds with 19 queries.