On 2007/04/27 23:02, Johan Linner wrote:
> 2 wan connections, I want the traffic from the internal lan ($lan) to go
> through the wan1 ($wan1) connection via NAT. Wan1 is not the default
> route, I use route-to, right?? How is this working together with NAT?
> And are the replies making it through back to the internal clients
> without any more rules?
>
> block in
> pass out
> nat on $wan1 from $lan:network to any -> $wan1:0
> pass in on $lan route-to ($wan1 $gw1) proto tcp from $lan:network to \
> any port $ports

use route-to on the way out;

pass in on $lan proto ...
pass out on egress route-to ($wan1 $gw1) ... from $wan1:0 ...

> Ok, now I want to redirect http traffic on $wan1 to an internal server,
> is this the time to use reply-to??
> Is this enough to make it work, or
> are additional rules needed?

yes, should be enough, reply-to is slightly easier to use than route-to.

> Will this affect traffic going through wan2 which is the default route?

no, reply-to just adds to the state of packets matching the pass rule.