New to pfSense, and need advice on configuration settings.
-
The correct way to do this, if you need this sort of uptime, is to use a pair of pfSense boxes in a CARP setup.
https://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_(CARP)
That's probably beyond what you're looking for!It is possible to do what you're describing by using a LAN-bypass NIC. The NIC has two Ethernet ports that usually appear as two separate interfaces to pfSense but if the power fails the ports connect together bypassing the pfSense box. It can also be configured to go into bypass mode if the OS crashes using a watchdog timer but that requires some interaction with the OS.
Generally speaking bypass cards are more trouble than they're worth. If you search the forum you'll just find people trying to disable the by-pass mode.Steve
-
Hmmm, maybe I will just leave as is, and manually reconnect the wan, doesn't seem worth the hassle lol.
Oh well, now it's time for me start thinking about firewall rules… see how many hurdles I have to jump this time hahaJust want to say a big thanks for your prompt replies, your information has been very helpful ;)
-
I was just re-reading this thread, and noticed this question that you asked me:
Is your WAN using PPPoE from the pfSense box?
Steve
Sorry, I don't know how I missed it :-[
Anyhow, no, the WAN is using DHCP as I was under the impression that this is the protocol used by talktalk. If anybody can prove me wrong please let me know. However, I have not had any issues so far.
-
If the two choices are DHCP and PPPoE and one side is incorrect the link won't come up at all.
-
It was the wrong question anyway. What I should have asked was, does your pfSense WAN interface have a public IP? In other words is your modem acting as just a modem or is it routing and NATing which is much less desirable.
Steve
-
Hi Steve,
In all honesty, I don't know, how would I find this out?
Thanks
-
Look at the IPv4 address for WAN in status->interfaces. Go to a web page like www.wimi.com. Are the addresses the same?
-
Look at the IPv4 address for WAN in status->interfaces. Go to a web page like www.wimi.com. Are the addresses the same?
Yes, the addresses do match.
-
That's fine then. I was originally asking because it may have conflicted with the LAN subnet but that's not the case.
Steve
-
That's great, thanks guys ;)
