Help configuation
-
Does anyone have an example configuration for NAT
I have a 4100 connected to two ISP via WAN 1 & 2 , how is the failover configured with NAT enabled. there are two ISP subnets.
-
@bmcneil
Which NAT direction are you talking about? Inbound / port forwarding or outbound?Basically with multiple WAN, you need NAT on both interfaces and both work absolutely independently.
-
Hello
Inbound/ outbound internal office users need to be able to access the internet.
I configured DHCP, and have not how to perform the failover with NAT.
I will then need to configure VPN access for remote workers.
Could you provide a clear configuration document for these task. I am being consumed by so much information on the document site. -
@bmcneil
There is nothing special with multi WAN, except the failover group.When your WAN are configured as DHCP client, the gateways are set automatically. Otherwise with static IP state the gateway in the interface settings.
For the failover group go to System > Routing > Gateway Groups and create a new group wherein you set the preferred gateway as Tier 1 and the second as Tier 2.The trigger level "member down" should fit your needs. State a name for the group and save the settings.
Then go to the gateways tab and set the failover group as default gateway and save this.The proper outbound NAT rule should be added automatically by pfSense for both WANs, if the NAT is in automatic mode.
With this settings you should already have internet access from inside your network over both WANs.For accessing your pfSense from the internet in case of a failover you have to switch the WAN IP on the client side. For instance you can use DynDNS which can be updated with the actual working WAN IP by pfSense.
A VPN client like OpenVPN is also capable to switch the server IP itself if one is not responding. So you can also use static IP or host names here.