Multi-WAN with same gateway (2.0-loadbalance)
-
Hi, no its not possible with 2.0 to use multiWAN with same Gateway. I posted about 1 hour earlier. I suggest you to continue there:
http://forum.pfsense.org/index.php/topic,44059.0.html
cu Floh
-
Hi, no its not possible with 2.0 to use multiWAN with same Gateway. I posted about 1 hour earlier. I suggest you to continue there:
http://forum.pfsense.org/index.php/topic,44059.0.html
cu Floh
Then I will go with good ol' 1.2.3 :)
-
It isn't possible on 1.2.3 either. Using the same gateway on multiple interfaces has never been supported in that way.
-
It isn't possible on 1.2.3 either. Using the same gateway on multiple interfaces has never been supported in that way.
Huh? I does works perfectly fine in 1.2.3 ???
Configuration similar to this (in swedish tho): http://forum.pfsense.org/index.php/topic,22559.msg115918.html#msg115918
-
I can tell you it is possible to use multiple WANS with same gateway with 2.01 release. It was fixed in last update.
In my case I have 2 ADSL modems in bridge mode connected to 2 separate NIC's (using same ISP and same Gateway)
Add all WAN NICs to a gateway group with same tier level. Make sure none have the default gateway option set. Outbound rules must be set to use the gateway group NOT the default setting.
-
PPPoE is a special case, it only works there because PPPoE doesn't really use the gateway in the same way that a traditional routed (instead of point-to-point) interface does.
Using the same gateway on multiple DHCP interfaces wasn't supported in 1.2.3, if it worked for you, it was pure luck. It can't address the same gateway on multiple interfaces, so there is a good chance the traffic wasn't actually doing what you thought it was doing.
-
Using the same gateway on multiple DHCP interfaces wasn't supported in 1.2.3, if it worked for you, it was pure luck. It can't address the same gateway on multiple interfaces, so there is a good chance the traffic wasn't actually doing what you thought it was doing.
Hm, you checked the link to the post describing how to configure?
-
Yes and that would not have yielded a proper working multi-wan setup that was actually completely functional. Again, if it even seemed to work, it was pure luck.
-
Yes and that would not have yielded a proper working multi-wan setup that was actually completely functional. Again, if it even seemed to work, it was pure luck.
Alright. Used a setup like that for 2 years on different setups without any problems :) Sticky connections, rules for http/https and such to "WAN1"-interface and so on..
Could you give me an example of something that in theory shouldn't be working? thinking, because it works in version 1.2.3 (but it shouldn't), so maybe I can get some similar setup working in 2.0.
-
I can tell you it is possible to use multiple WANS with same gateway with 2.01 release. It was fixed in last update.
In my case I have 2 ADSL modems in bridge mode connected to 2 separate NIC's (using same ISP and same Gateway)
Add all WAN NICs to a gateway group with same tier level. Make sure none have the default gateway option set. Outbound rules must be set to use the gateway group NOT the default setting.
Advoc8tr
Can you perhaps give a bit more detail? My setup is what you are describing (2x DSL modems in mode connected to seperate NICs and using same ISP and same gateway).
I added the WAN interfaces to a gateway group and added floating rule with gateway group (not 'default') as gateway, but I can't retrieve package list or check for updates - is this expected? Elsewhere I found information suggesting to also change outbound NAT to manual and add rules for all WAN interfaces - also did not have any joy doing this.
This is my first post on the forum I have to say, and I have to say I love pfSense!! :)
-
As mentioned below by jimp perhaps this does only work with PPPoE ? And it only works on 2.0.1 - it wasn't working on 2.0 and was then listed in the change-log for 2.0.1
What I did was set the 2 ADSL modems in bridged mode. The WAN interfaces in pfsense are where you configure the PPPoE connections with user/pass supplied by your ISP. This gives you 2 WAN connections with the same gateway (if using same ISP for both ADSL connections)
These 2 WANS are added to a routing group. Make sure neither is set as the default - no default gateway set. I have also used completely external and different monitor IPs for each. (I used 2 google IPs)
No floating rules required. (this is generally used to get it working with the squid proxy installed and it never worked properly for me under those circumstances - so no squid proxy) This is probably what is mucking up your loopback outbound access (pfsense auto updates) On my system the auto updates / packages works fine.
I have added a single rule for each of the 2 LAN connections that allows all outbound and has the gateway set as the routing group in the advanced features section.
No changes made to automatic outbound NAT rules.
I have turned on 'use sticky connections' as some secured websites didn't like successive connections coming from different IP's but it worked without this turned on.
I can see that it balances the traffic by watching the traffic graphs and also by the fact that at the end of a month the interface statistics show each WAN has very similar packets and bytes out.
-
Thank you Advoc8tr
I'll test and get back to you.
-
Under System=> Routing=> Gateways
Change Monitor IP to Alternative Monitor IP , I'm using goolge ip. it's working for me.
-
Under System=> Routing=> Gateways
Change Monitor IP to Alternative Monitor IP , I'm using goolge ip. it's working for me.
I also got it working this way.(same GW-ip on both WANs different monitoring IP)
BUT…
Pfsense was fine with it untill I had to reboot my cable-modem and Pfsense due to a cable-mess-cleanup. I can't get it working again now. It's been said a couple of times in this thread. When a multi-wan-setup where al the WANs are using the same GW-address is working (when not PPPoE) it's pure luck.I guess i'll have to double-NAT one of my two WAN-connections. Anybody have tips on how to do this? mainly the firewall-setup in the "first" router(the one getting the public IP). My guess is, get a simple SOHO-router, have it do the required portforwarding towards the 2nd WAN-ip on pfsense, open up firewall on SOHO-router and do the firewalling in pfsense.
[EDIT]
I just finished setting it up with a 2nd router. I put the ip of the interface of my pfsense in DMZ on the cheap router, did the necessary portforwarding and tried to keep everything else as secure as I could. Works pretty fine and I've got a couple of exact spares for my SOHO-router since it's the one I replaced for my self-built pfsense-firewalls in all of our branches. ;D
