Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multi-WAN on single interface

    Scheduled Pinned Locked Moved Routing and Multi WAN
    13 Posts 3 Posters 5.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • GruensFroeschliG
      GruensFroeschli
      last edited by

      http://forum.pfsense.org/index.php/topic,9422.0.html

      Are you using DSL-modem-routers?
      Or do you intend to perform the PPPoE authentication on pfSense itself?

      We do what we must, because we can.

      Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

      1 Reply Last reply Reply Quote 0
      • L
        lale
        last edited by

        Thanks for fast reply!!!

        yes i use two DSL-modem-router and don't need authentication on pfSense.

        But…before trying to understand all that code....i'think to understand that it isn't possible do this without modding pfSense code, right?

        Thanks

        lale

        1 Reply Last reply Reply Quote 0
        • GruensFroeschliG
          GruensFroeschli
          last edited by

          Read the whole thread.
          You dont need to modify any code.

          You just have to edit the config.xml

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          1 Reply Last reply Reply Quote 0
          • L
            lale
            last edited by

            Ok, thanks i read the whole thread.

            One more question, i have router in two different public subnet while in the sample routers are in the same local IPs subnet. Can i use this method anyway?

            Thanks

            lale

            1 Reply Last reply Reply Quote 0
            • GruensFroeschliG
              GruensFroeschli
              last edited by

              What exactly do you mean your routers are in a different public subnet?
              Can you make a diagram?

              We do what we must, because we can.

              Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

              1 Reply Last reply Reply Quote 0
              • L
                lale
                last edited by

                INTERNET DSL/ROUTER1 (RFC 1483 routed) (85.37…../29)pfSense________LAN
                      |                                                                                                |  |       
                      |
                DSL/ROUTER2 (RFC 1483 routed)
                (82.89...../29)
                _____|  |___DMZ

                Hope it's readable :-)

                1 Reply Last reply Reply Quote 0
                • GruensFroeschliG
                  GruensFroeschli
                  last edited by

                  I dont really understand how much your dsl/router does.

                  Is it a half bridge? It does the authentication but you configure all IPs out of you /29 subnets manually?

                  Or do you have an IP on the modem-WAN and an IP out of the /29 subnet on the modem-LAN side, and you put as gateway the modem-LAN IP?

                  Or do you have all the /29 IP's on the modem-WAN side and you NAT them into a private subnet? (you would have private IP's in front of pfSense)

                  Hmmm.
                  I'm not so sure if this even is possible with multiple different subnets on WAN.
                  The problem is, that you can define a PARP VIP on the WAN interface for the second subnet, but i dont think pfSense itself can use it to route traffic.

                  We do what we must, because we can.

                  Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                  1 Reply Last reply Reply Quote 0
                  • L
                    lale
                    last edited by

                    Ok try to explain, on EACH  DSL/MODEM/ROUTER:

                    • on the internet side (MODEM side) i have 1 public static IP;
                    • on the public LAN side (pfSense side) i have a /29 static public IPs subnet, 1 of those IP is assigned to the ROUTER another 1 to pfSense; other IPs of the subnet are set on pfSense as VIP and DNAT to local IP of server in the DMZ;
                    • the provider route all IP of each /29 subnet to the external IP of the MODEM/ROUTER, the modem route those to the public LAN (pfSense side);
                    • i have two lines and so two different /29 subnet.

                    Hope this explains. Actually i have an old Astaro fw that do this with one line, i would change with a new pfSense fw with two lines.

                    Thanks again

                    1 Reply Last reply Reply Quote 0
                    • L
                      lale
                      last edited by

                      Doesn't explains?  ;D

                      1 Reply Last reply Reply Quote 0
                      • GruensFroeschliG
                        GruensFroeschli
                        last edited by

                        I think you need two separate interfaces for the WAN's.
                        Or a VLAN capable switch.

                        We do what we must, because we can.

                        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                        1 Reply Last reply Reply Quote 0
                        • L
                          lale
                          last edited by

                          Ok thanks

                          1 Reply Last reply Reply Quote 0
                          • B
                            BlueReef
                            last edited by

                            @GruensFroeschli:

                            Read the whole thread.
                            You dont need to modify any code.

                            You just have to edit the config.xml

                            i have edit the config.xml. But it keep using the WAN gateway, that i set on : interface/WAN/gateway

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.