Re: [pfSense Support] Multi-WAN with Fail Over
Thanks Chris! I just got my WRAP hardware working again this weekend. I'll try all the suggestions next week. Regards, Alex 2009/3/28 Chris Buechler > On Wed, Mar 25, 2009 at 10:07 PM, Alexsander Loula > wrote: > > This is my config: > > > > You're missing a static route for a DNS server on your second WAN, > assuming you use the DNS forwarder on pfSense. You may be using a > monitor IP that doesn't reliably respond to pings when the connection > is up. Your LAN rules route all TCP to the load balancing pool and > every other protocol out WAN2, which may not be your intention. Your > last LAN rule doesn't do anything because it'll never be hit. Your > balance and failover pools are fine. > > I don't see any issues other than that. If you're more specific about > how you're testing and what you're seeing, maybe something will be > apparent. > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
Re: [pfSense Support] Multi-WAN with Fail Over
On Wed, Mar 25, 2009 at 10:07 PM, Alexsander Loula wrote: > This is my config: > You're missing a static route for a DNS server on your second WAN, assuming you use the DNS forwarder on pfSense. You may be using a monitor IP that doesn't reliably respond to pings when the connection is up. Your LAN rules route all TCP to the load balancing pool and every other protocol out WAN2, which may not be your intention. Your last LAN rule doesn't do anything because it'll never be hit. Your balance and failover pools are fine. I don't see any issues other than that. If you're more specific about how you're testing and what you're seeing, maybe something will be apparent. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
Hi Chuck, I'll try these suggestions this weekend. I let you know the results. Thanks, Alex 2009/3/26 Chuck Mariotti > Alex, as I said before, I am not an expert on this and I’m not one to > look at XML config files. I am not completely convinced I have this working > 100%... but I’ll try to contribute. > > > > is something I disabled on my config, so that the DNS > entries I specified are not taken over by the DHCP on WAN. Try to write down > some test IP addresses that are public that you can PING so that you try to > see if your connections/failover are working WITHOUT letting DNS get it the > way. I found DNS got in the way of trying to get things working first on an > IP level. > > > > The RULES you specify need to be in a certain order, refer back to your > install document, it should say something about the order the rules are to > appear in the chart (top down). Here are my RULES from my config: > > - > > - > > pass > > lan > > > > > > > > keep state > > > > - > > lan > > > > - > > 192.168.1.0/24 > > > > > > Make sure that DMZ1 traffic goes to the right interf > > > > - > > pass > > lan > > > > > > > > keep state > > > > - > > lan > > > > - > > opt1 > > > > Make sure DMZ2 traffic goes to WAN2 > > opt1 > > > > - > > pass > > lan > > > > > > > > keep state > > > > - > > lan > > > > - > > > > > > Default LAN -> any via LoadBlanced WAN > > LoadBalance > > > > - > > pass > > pptp > > > > > > > > keep state > > > > - > > > > > > - > > lan > > > > > > > > > > > > > > HERE IS MY LOAD BALANCE STATEMENT – It appears that you do not have a > monitorIP entry for each. I think it uses these to ping the monitor IP > addresses to verify that the WAN / WAN2 links are up and running. If not, it > fails over. In other words, if there is no response, it assumes the WAN link > is down. > > > > - > > - > > gateway > > failover > > 67.69.184.7 > > LoadBalance > > Round robin load balancing > > > > wan|67.69.184.199 > > opt1|67.69.184.7 > > > > > > - > > gateway > > failover > > > > WANFailsToWAN2 > > WAN2 preferred when WAN fails > > > > opt1|67.69.184.7 > > wan|67.69.184.199 > > > > > > - > > gateway > > failover > > 67.69.184.7 > > WAN2FailsToWAN > > WAN preferred when WAN2 fails > > > > wan|67.69.184.199 > > opt1|67.69.184.7 > > > > > > > > > > Are you able to get RED/GREEN/YELLOW entries when viewing Loadbalancing > under the Status menu? It should look something like this: > > *Name* > > *Type* > > *Gateways* > > *Status* > > *Description* > > LoadBalance > > gateway > (failover) > > wan > > opt1 > > Offline > > Last change Mar 25 2009 19:21:53 > > Online > > Last change Mar 25 2009 19:21:53 > > Round robin load balancing > > WANFailsToWAN2 > > gateway > (failover) > > opt1 > > wan > > Online > > Last change Mar 25 2009 19:21:53 > > Offline > > Last change Mar 25 2009 19:21:53 > > WAN2 preferred when WAN fails > > WAN2FailsToWAN > > gateway > (failover) > > wan > > opt1 > > Offline > > Last change Mar 25 2009 19:21:53 > > Online > > Last change Mar 25 2009 19:21:53 > > WAN preferred when WAN2 fails > > > > In this case, my MAIN WAN link is down (unplugged in fact). > > > > Let me know how it goes for you. > > > Regards, > > Chuck > > > > > > *From:* Alexsander Loula [mailto:alex.lo...@gmail.com] > *Sent:* Wednesday, March 25, 2009 10:08 PM > *To:* support@pfsense.com > *Subject:* Re: [pfSense Support] Multi-WAN with Fail Over > > > > This is my config: > > 2009/3/25 Chris Buechler > > On Wed, Mar 25, 2009 at 4:15 PM, Alexsander Loula > wrote: > > > > Could you please share your XML config? > > > > The boxes don't belong to me, they're those of various support > customers, so no I can't. If you post yours maybe someone will tell > you what's wrong. > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > >
Re: [pfSense Support] Multi-WAN with Fail Over
Chris Buechler wrote: Works fine, I've setup a number of boxes like that. You have something setup wrong. Like what? What is your exact setup like? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN with Fail Over
Alex, as I said before, I am not an expert on this and I'm not one to look at XML config files. I am not completely convinced I have this working 100%... but I'll try to contribute. is something I disabled on my config, so that the DNS entries I specified are not taken over by the DHCP on WAN. Try to write down some test IP addresses that are public that you can PING so that you try to see if your connections/failover are working WITHOUT letting DNS get it the way. I found DNS got in the way of trying to get things working first on an IP level. The RULES you specify need to be in a certain order, refer back to your install document, it should say something about the order the rules are to appear in the chart (top down). Here are my RULES from my config: - - pass lan keep state - lan - 192.168.1.0/24 Make sure that DMZ1 traffic goes to the right interf - pass lan keep state - lan - opt1 Make sure DMZ2 traffic goes to WAN2 opt1 - pass lan keep state - lan - Default LAN -> any via LoadBlanced WAN LoadBalance - pass pptp keep state - - lan HERE IS MY LOAD BALANCE STATEMENT - It appears that you do not have a monitorIP entry for each. I think it uses these to ping the monitor IP addresses to verify that the WAN / WAN2 links are up and running. If not, it fails over. In other words, if there is no response, it assumes the WAN link is down. - - gateway failover 67.69.184.7 LoadBalance Round robin load balancing wan|67.69.184.199 opt1|67.69.184.7 - gateway failover WANFailsToWAN2 WAN2 preferred when WAN fails opt1|67.69.184.7 wan|67.69.184.199 - gateway failover 67.69.184.7 WAN2FailsToWAN WAN preferred when WAN2 fails wan|67.69.184.199 opt1|67.69.184.7 Are you able to get RED/GREEN/YELLOW entries when viewing Loadbalancing under the Status menu? It should look something like this: Name Type Gateways Status Description LoadBalance gateway (failover) wan opt1 Offline Last change Mar 25 2009 19:21:53 Online Last change Mar 25 2009 19:21:53 Round robin load balancing WANFailsToWAN2 gateway (failover) opt1 wan Online Last change Mar 25 2009 19:21:53 Offline Last change Mar 25 2009 19:21:53 WAN2 preferred when WAN fails WAN2FailsToWAN gateway (failover) wan opt1 Offline Last change Mar 25 2009 19:21:53 Online Last change Mar 25 2009 19:21:53 WAN preferred when WAN2 fails In this case, my MAIN WAN link is down (unplugged in fact). Let me know how it goes for you. Regards, Chuck From: Alexsander Loula [mailto:alex.lo...@gmail.com] Sent: Wednesday, March 25, 2009 10:08 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN with Fail Over This is my config: 2009/3/25 Chris Buechler mailto:c...@pfsense.org>> On Wed, Mar 25, 2009 at 4:15 PM, Alexsander Loula mailto:alex.lo...@gmail.com>> wrote: > > Could you please share your XML config? > The boxes don't belong to me, they're those of various support customers, so no I can't. If you post yours maybe someone will tell you what's wrong. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com<mailto:support-unsubscr...@pfsense.com> For additional commands, e-mail: support-h...@pfsense.com<mailto:support-h...@pfsense.com> Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
This is my config: 2009/3/25 Chris Buechler > On Wed, Mar 25, 2009 at 4:15 PM, Alexsander Loula > wrote: > > > > Could you please share your XML config? > > > > The boxes don't belong to me, they're those of various support > customers, so no I can't. If you post yours maybe someone will tell > you what's wrong. > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > 3.0 nervecenter normal pfsense localdomain admin America/Sao_Paulo 0.pfsense.pool.ntp.org http yes 201.6.0.115 201.6.0.112 200.169.116.22 200.169.116.23 nfe0 10.1.1.1 24 100 Mb rl0 dhcp 100 Mb rl1 WAN2 dhcp dyndns loula Truth2145&* bigdogwall.homelinux.com 10.1.1.10 10.1.1.245 public 10.1.1.0/24 Auto created rule for LAN wan 10.1.1.0/24 opt1 pass lan keep state tcp lan LoadBalance pass lan keep state lan opt1 pass lan keep state lan Default LAN -> any 0 * * * * root /usr/bin/nice -n20 newsyslog 1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a 1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout 1 1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.update */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c */5 * * * * root /usr/local/bin/checkreload.sh */5 * * * * root /etc/ping_hosts.sh */140 * * * * root /usr/local/sbin/reset_slbd.sh Fit123 http://pfsense.comuf.com A list of small custom things that can be added to pfSense 1.2.3 : Date,Code-red,LTSP,AFC and DDNS System 0.0.1 ALPHA 1.2.3 crazypa...@yahoo.dk http://www.pfsense.com/packages/config/Fit123/fit123.xml fit123.xml Fit123 Status /pkg_edit.php?xml=fit123.xml&id=0 on /firewall_nat_out.php made unknown change 1237674640 gateway failover WAN1FailsToWAN2 WAN 2 preferred when WAN 1 fails wan|201.6.224.1 opt1|200.169.116.22 gateway failover 201.6.224.1 WAN2FailsToWAN1 WAN 1 preferred when WAN 2 fails opt1|200.169.116.22 wan|201.6.224.1 gateway balance 200.169.116.22 LoadBalance Round Robin load balancing wan|201.6.224.1 opt1|200.169.116.22 60 zone - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
On Wed, Mar 25, 2009 at 4:15 PM, Alexsander Loula wrote: > > Could you please share your XML config? > The boxes don't belong to me, they're those of various support customers, so no I can't. If you post yours maybe someone will tell you what's wrong. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
Hi Chris, Could you please share your XML config? So I can check if I'm setting something wrong. Tks, Alex 2009/3/25 Chris Buechler > On Wed, Mar 25, 2009 at 5:26 AM, Veiko Kukk > wrote: > > > > No, with two identical machines, using CARP for hardware failover, the > dual > > WAN failover does not work with pfsense. > > > > Works fine, I've setup a number of boxes like that. You have > something setup wrong. > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
Re: [pfSense Support] Multi-WAN with Fail Over
On Wed, Mar 25, 2009 at 5:26 AM, Veiko Kukk wrote: > > No, with two identical machines, using CARP for hardware failover, the dual > WAN failover does not work with pfsense. > Works fine, I've setup a number of boxes like that. You have something setup wrong. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
I tried both suggestions (static route and opendns) without success. As I can use a regular PC in this case, I'm using Endian community edition that is working perfectly for WAN1 to WAN 2 failover. I'll try to play a little more with pfSense because I'd like to have the option to use embedded hardware as well. Thanks anyway! 2009/3/25 Veiko Kukk > Robert Mortimer wrote: > >> If you have two PF machines (One for each ADSL) you can use CARP to get >> the failover you require. >> > > No, with two identical machines, using CARP for hardware failover, the dual > WAN failover does not work with pfsense. > > -- > > Veiko > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
Re: [pfSense Support] Multi-WAN with Fail Over
Robert Mortimer wrote: If you have two PF machines (One for each ADSL) you can use CARP to get the failover you require. No, with two identical machines, using CARP for hardware failover, the dual WAN failover does not work with pfsense. -- Veiko - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
The DNS should switch over with the fail BUT if you use an ISP DNS server then it may not be available from an IP address that does not belong to the ISP. If your second link is not with the same ISP (good Idea for redundancy) then you will have to look at DNS that can be reached from both networks. Free ones exist but they tend to pay for themselves using a search page to replace the "Not Found" when a name is incorrectly typed by a user. Alternatively you can name both ISP servers (and add a static route for the backup DNS server so it is always seen while the link is up or you may get some performance issues) Or you can run your own DNS and do the lookup yourself! Rob - Original Message - From: "Alexsander Loula" To: support@pfsense.com Sent: Tuesday, 24 March, 2009 12:20:52 GMT +00:00 GMT Britain, Ireland, Portugal Subject: Re: [pfSense Support] Multi-WAN with Fail Over I'll try to do it this night (GMT -3:00). 2009/3/23 Chris Buechler < c...@pfsense.org > On Mon, Mar 23, 2009 at 10:13 PM, Chuck Mariotti < cmario...@xunity.com > wrote: > Alex, I share your pain. I’m not a pf guru, but I can’t seem to get this > working either… > > > > I have managed to get the Load Balancer Status to turn Green/Yellow/Red as > expected when I unplug a connection. But the internet get’s all wonky… as if > DNS isn’t working, old records seem to work, some pages take forever, etc... > You have to add a static route to push one of the DNS servers over the second WAN. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
I'll try to do it this night (GMT -3:00). 2009/3/23 Chris Buechler > On Mon, Mar 23, 2009 at 10:13 PM, Chuck Mariotti > wrote: > > Alex, I share your pain. I’m not a pf guru, but I can’t seem to get this > > working either… > > > > > > > > I have managed to get the Load Balancer Status to turn Green/Yellow/Red > as > > expected when I unplug a connection. But the internet get’s all wonky… as > if > > DNS isn’t working, old records seem to work, some pages take forever, > etc... > > > > You have to add a static route to push one of the DNS servers over the > second WAN. > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
Re: [pfSense Support] Multi-WAN with Fail Over
On Mon, Mar 23, 2009 at 10:13 PM, Chuck Mariotti wrote: > Alex, I share your pain. I’m not a pf guru, but I can’t seem to get this > working either… > > > > I have managed to get the Load Balancer Status to turn Green/Yellow/Red as > expected when I unplug a connection. But the internet get’s all wonky… as if > DNS isn’t working, old records seem to work, some pages take forever, etc... > You have to add a static route to push one of the DNS servers over the second WAN. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN with Fail Over
Alex, I share your pain. I'm not a pf guru, but I can't seem to get this working either... I have managed to get the Load Balancer Status to turn Green/Yellow/Red as expected when I unplug a connection. But the internet get's all wonky... as if DNS isn't working, old records seem to work, some pages take forever, etc... I have a similar setup to you it looks like. I was suspect that it doesn't like 192. series as a gateway and that there is some filtering in the default rules. I have removed all default filtering for these IPs (since my test environment has a WAN connected to a real internet connection / router (200.x) and the second WAN is to an internal router (192.x), that then goes to the internet), internal LAN is 192.168.1.x. I wonder if the issue I am having is that the WAN's are load balancing, part traffic goes across one, part the other... when one goes down, it get's screwy... not failing over... Like you, I don't want to use TWO WANS at the same time, I just want one to work, or the other... and on recovery revert back to the primary. Does anyone have a solution to this? Let me know if you make any progress, I am about to call it a night. Regards, Chuck From: Alexsander Loula [mailto:alex.lo...@gmail.com] Sent: March-23-09 9:00 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN with Fail Over No, I have two completely different gateways. One is 200.XXX.XXX.XXX and the other is 192.XXX.XXX.XXX. 2009/3/23 Chris Buechler mailto:c...@pfsense.org>> On Mon, Mar 23, 2009 at 11:04 AM, Alexsander Loula mailto:alex.lo...@gmail.com>> wrote: > This is my current setup: > > I'm not using CARP, only the Load Balance service (pools). > Are the gateways the same? If so, that won't work as it balances by gateway IP, you need an intermediate NAT device on one. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com<mailto:support-unsubscr...@pfsense.com> For additional commands, e-mail: support-h...@pfsense.com<mailto:support-h...@pfsense.com> Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
No, I have two completely different gateways. One is 200.XXX.XXX.XXX and the other is 192.XXX.XXX.XXX. 2009/3/23 Chris Buechler > On Mon, Mar 23, 2009 at 11:04 AM, Alexsander Loula > wrote: > > This is my current setup: > > > > I'm not using CARP, only the Load Balance service (pools). > > > > Are the gateways the same? If so, that won't work as it balances by > gateway IP, you need an intermediate NAT device on one. > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
Re: [pfSense Support] Multi-WAN with Fail Over
On Mon, Mar 23, 2009 at 11:04 AM, Alexsander Loula wrote: > This is my current setup: > > I'm not using CARP, only the Load Balance service (pools). > Are the gateways the same? If so, that won't work as it balances by gateway IP, you need an intermediate NAT device on one. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
This is my current setup: I'm not using CARP, only the Load Balance service (pools). 2009/3/23 Robert Mortimer > If you have two PF machines (One for each ADSL) you can use CARP to get the > failover you require. > > > > Otherwise failover between to WANs on the same Pf machine is covered in the > load balancing. > > > > Rob > > - Original Message - > From: "Veiko Kukk" > To: support@pfsense.com > Sent: Monday, 23 March, 2009 14:30:28 GMT +00:00 GMT Britain, Ireland, > Portugal > Subject: Re: [pfSense Support] Multi-WAN with Fail Over > > Alexsander Loula wrote: > > Hi Folks, > > > > I have 2 WAN's (WAN1 - production and WAN2 - backup) and I need to set > > them as fail over (when WAN1 goes down WAN2 takes the traffic and when > > WAN1 goes up again it will takes the traffic). Both are DHCP. > > Do you have dual router setup or are those WAN's connected to the same > machine? If you have dual router setup, then WAN failover won't work for > you. I have tested it extensively with no luck of any combination. > Single machile dual WAN failover works. > > veiko > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > <>- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
If you have two PF machines (One for each ADSL) you can use CARP to get the failover you require. Otherwise failover between to WANs on the same Pf machine is covered in the load balancing. Rob - Original Message - From: "Veiko Kukk" To: support@pfsense.com Sent: Monday, 23 March, 2009 14:30:28 GMT +00:00 GMT Britain, Ireland, Portugal Subject: Re: [pfSense Support] Multi-WAN with Fail Over Alexsander Loula wrote: > Hi Folks, > > I have 2 WAN's (WAN1 - production and WAN2 - backup) and I need to set > them as fail over (when WAN1 goes down WAN2 takes the traffic and when > WAN1 goes up again it will takes the traffic). Both are DHCP. Do you have dual router setup or are those WAN's connected to the same machine? If you have dual router setup, then WAN failover won't work for you. I have tested it extensively with no luck of any combination. Single machile dual WAN failover works. veiko - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
Alexsander Loula wrote: Hi Folks, I have 2 WAN's (WAN1 - production and WAN2 - backup) and I need to set them as fail over (when WAN1 goes down WAN2 takes the traffic and when WAN1 goes up again it will takes the traffic). Both are DHCP. Do you have dual router setup or are those WAN's connected to the same machine? If you have dual router setup, then WAN failover won't work for you. I have tested it extensively with no luck of any combination. Single machile dual WAN failover works. veiko - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multi-WAN with Fail Over
Alexsander Loula wrote: Hi Folks, I have 2 WAN's (WAN1 - production and WAN2 - backup) and I need to set them as fail over (when WAN1 goes down WAN2 takes the traffic and when WAN1 goes up again it will takes the traffic). Both are DHCP. I have followed this procedure in 2 machines (PC and WRAP) without success: http://doc.pfsense.org/index.php/MultiWanVersion1.2 I did several tests changing mainly the Load Balance and Firewall (NAT/Rules) services with no success. It's very intermittent even doing the 3 pools that's not my case. Sometimes it works mainly when the Load Balance status indicators are green and sometimes does not work when the indicators are yellow. Actually I don't want to have the load balance between WAN1 and WAN2, only the fail over from WAN1 to WAN2. Is someone doing it successfully? Best Regards, Alex Many people are doing this successfully. If you have your WAN interfaces load balancing, then it means you have your pool configured for load balancing. Change the behavior to failover. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
