PFsense 1.2.3 failover

simoon · Aug 2, 2011, 6:33 PM

I am trying to configure my firewall to failover from a T-1 (static) to cable (dynamic).

I have created my load balance pool and 2 failover pools. They are both online. But when I test by disconnecting the T-1 connection, not only doesn't it failover, but both my gateways go offline.

I've been though as many online tutorials I can find. Some mention outbound NAT, which I configured, but it didn't make any difference. Not sure if I need to add any rules?

I have a decent amount of firewall experience (higher end SonicWall, old Checkpoint), but I'm new to PFSense.

Thanks

Metu69salemi · Aug 2, 2011, 8:30 PM

have you read this

simoon · Aug 15, 2011, 6:12 PM

@Metu69salemi:

have you read this

Thanks for the response.

Yes, the link you provided was one of the tutorials that I used for reference.

I was able to get it working. Interesting enough, I just deleted any configuration that was related to load balance and failover, and recreated them. It started working after that.

But now I have another issue. When I disconnect our primary internet connection, it fails over to our secondary and the internet connection stays up. But my ipsec tunnels no longer work. They still show that they are up on the status page, but I can't ping any server on the other side.

I am assuming that there is a rule that needs to be created.

Thanks

Metu69salemi · Aug 15, 2011, 6:36 PM

can't help you with that, i'm not using either one.

simoon · Aug 15, 2011, 6:46 PM

I think I may have figured it out.

I won't be able to test until tomorrow morning, before the rest of the employees get in. I don't test config changes during business hours.

If it's what I think it is, I will be embarrassed :-[.