Hello Nick
Yes but I was thinking, as these are 2 physicals interfaces, having 2 different ip adress in the same subnet could do the trick.. as you said ClearOS will be lost with that solution ...
As I already migrated my old ISA server, I have now 2 separate ClearOS in my network in the same subnet. Of course, each one is connected to its own wan subnet and dont even know about the other Maybe I did not think enough
Well, if I want to use 2 differents subnet as I'm planning to do, I'll have to change the IP address of the call center and all my phones, so I need to be sure it's going to work or my collegues are going to kill me (or maybe they will be happy not being disturbed anymore )
Thanks

Hi Arnaud, watch out. You can't have the same subnet on both LAN interfaces so you can't have 192.168.100.3 on LAN2 if the LAN1 interface is 192.168.100.1. The exception to this is if you bridge the LAN interfaces but you have not talked about bridging.

@Duncan - Hello, I made half way till now .. mean the first WAN connection (data) is working fine. As I'll be on holiday next week, I dont want to make too big changes but I'm going to makea a short try next friday.
But because I should modify my call center and all my phones, I'm going to try the following :
- My first LAN card is configured and working with the IP adress 192.168.100.1 ; it's the default gateway for my network (except call center).
- Actually, I've a small ClearOS system for my VOIP with it's own internet connection and the LAN ip adresse 192.168.100.3. My call center is configured to use it as gateway. So, I'll stop that machine and configure my second lan card with the IP adresse 192.168.100.3 (with that, no change will habe to be made to my call center). Then I'll configure my second WAN connection, too. Finally, I'll try to add the ip rules as you described in your previous post

@Arnaud - did you get this working?

Arnaud Forster wrote:In the meantime I was wondering with the multi-wan component : according to the fact that my 1st lan interface is 192.168.100.1 and is acting as the gateway for my standard network (computers) ; if we have the source-base route with that ip address (192.168.100.1) to my 1st wan interface.. all the traffic from 192.168.100.1 should use the 1st wan interface ?

Unfortunately it does not work like that. The traffic will still have a source IP of the machine it originated from until it gets NAT'd when its source IP will change to your WAN IP. It just passes through the LAN interface.

woaw !
Thanks so much, going to try that .
In the meantime I was wondering with the multi-wan component : according to the fact that my 1st lan interface is 192.168.100.1 and is acting as the gateway for my standard network (computers) ; if we have the source-base route with that ip address (192.168.100.1) to my 1st wan interface.. all the traffic from 192.168.100.1 should use the 1st wan interface ?

deleted

Hi Nick

From the look of the diagram you could set the gateway for all the clients on subnet 80 vi dhcp to 192.168.80.1 then set a source based route so that all traffic from .80 subnet goes through WAN1

ip rule add table 100

ip route add WAN_IP/netmask dev eth1 src LAN_IP table 100 (WAN IP can be reached through eth1 with ip LAN_IP)

ip rule add from LAN_IP/netmask table 100 (traffic from LANIP/netmask must use routing table 100)

ip rule add to LAN_IP/netmask table 100 (traffic to LANIP/netmask must use routing table 100)

DISCLAIMER: I have not tested this!

Hi Duncan,
I quickly installed MultiWAN on a play VM at home last night and the Source Routing seemed to want an IP address in it. Do you know if you can put a subnet into that field. Otherwise what you are suggesting looks changing the routing table do each LAN gets a different gateway. Do you know how to do that? I don't have the set up to play around like that.

Can't you just have the 2 different LAN gateways pointing to 2 different WAN gateways

2 NICs configured as external pointing to the 2 different WANS.

So VOIP on subnet .80 points to local gateway 80.1 which then in turn sends data out on the correct WAN link.

Multiwan is more for load balancing than directing traffic (I think)

Thanks very much Nick, I'm going to make a test like this and let you know whats happened

You may not like thins answer. For your VoIP, does all your traffic go through 192.168.80.10? If so I would expect this to be the source IP.

For the LAN traffic it does not seem right to have to enter every single IP individually and I can see no way of entering the subnet. Perhaps if you set the weighting to 100 for this WAN interface all LAN traffic will go this way and hopefully the Source Based Route will override the weightings for the other interface. Try it.

Thanks very much Nick
Yes I installed the multi-wan component. There there's a option called 'Source-based Routes'. If I understand correctly I should configure it like the pic I joined according to the fact that eth0 and eth1 are my WAN interfaces and 192.168.100.1/24 and 192.168.80/24 my 2 LAN subnets If someone can confirm that, it would be great

When you configure a LAN NIC, under Network > IP Settings, you specify its IP address and subnet mask. You could assign one 192.168.100.1 and the other 192.168.80.1 as they are now and if you use a /24 subnet (255.255.255.0) like now they won't overlap which is good.

For the WAN Interface you need to use the MultiWan bit of the webconfig - install it from the marketplace if you don't have it yet. I don't have multi-wan so I don't know what it looks like, but it should allow source based routes, so you can route everything from one LAN subnet to one WAN and the other LAN subnet to the other WAN.

If both LAN interfaces are configured as LAN (not HotLAN or DMZ) then normal traffic passes freely between the LANs. The only issue is with unicast/multicast (so things like printer discovery) which does not pass. There is a way round it but you'll need to Google the installation required.

Thanks Nick I was just wondering which way was the best ... and I dont know howto attrib a WAN interface for each subnet .. maybe with iproutes ? And I've computers with special software connected to the IP phones... is COS able to route traffice between subnets ?

Thanks for your help

If you have separate networks for PC's and VoIP and multiple LAN NIC's why do you also want VLAN's? You could just have two LAN NIC's.

If you want a VLAN setup I can't help as I don't know them. I know they can be created directly from the Webconfig, and it would enable you to use a single wired LAN network instead of two separate networks, but I've never done any L2 switching.

Thank you Nick
In fact, i've now 2 different systems : 1 windows ISA firewall with a WAN connexion for the data and a ClearOS system acting as gateway with it's own WAN connexion for the VOIP. I want to remove the whole and installed a new ClearOS system with the 2 WAN connexions. Id like now to make 2 subnets (virtual or Vlans ?) and telling Clearos that subnet 1 has to use the WAN #1 and the subnet 2 the WAN #2 . But I dont know the best way to do it. I've 4 ethernet cards so every advice is welcomed Here's a pic of what I plan to do ...
Thanks

Presumably your VoIP server is on your LAN and not ClearOS. If so, have a look at Source Based Routes in the multi-wan app.