Question on WAN Failover
-
If you have one subnet/LAN then static reservations is the way to go. I'd pick a spot on a subnet boundary, say 192.168.1.192/26. Set your kids devices to DHCP assignments from 192.168.193 - .254
Then, on LAN, down at the bottom pass any any rule that policy routes to the gateway group, right above it place a rule that routes with a source of 192.168.1.192/26 dest any to the microwave gateway (or the gateway group with the microwave as tier 1).
If they're smart they can circumvent it with a static IP but…
-
How do I set which WAN I want to be the primary to start with and when the primary WAN comes back online how do I fail back over to the primary ?
-
In your gateway group Tier 1 is primary and Tier 2 is secondary. Fail back is automatic.
-
Yeah I have been trying to rack my head on how to read that. In my screen shot, did I make OPT1 (FTTC)primary ?
I want the OPT1 (FTTC) to be the primary WAN interface
-
Yeah I have been trying to rack my head on how to read that. In my screen shot, did I make OPT1 (FTTC)primary ?
I want the OPT1 (FTTC) to be the primary WAN interface
For that route to OPT1failoverWAN1
-
You Lost me there, Where do i do that at ?
This is what i have so far. At this point I want to make sure I am set up to Failover from OPT1 (FTTC) to WAN1.
And if I understand what you said earlier it should auto fail back
Attached is what I have done so far.
-
Right there in the firewall rules. Get rid of the second one. It will never be matched (it matches the same traffic as the rule above it so it will never be hit by matching traffic..)
-
get ride of the WAN > OPT1 Rule ?
-
Yes. it is unnecessary and will never match any traffic.
-
ninjaneer, This worked for you? I'm Kind of stuck here (trying to do my first failover on pfsense), so I am guiding myself with your post (I'm not so good with Firewall/NAT rules when it comes to forward traffic). Please, if something worked for you, let us know.
-
I'm not so good with Firewall/NAT rules when it comes to forward traffic
You should probably figure that out before tackling more advanced topics like multi-wan and the policy routing it entails.
-
Can you suggest me some topic(s)? I think I expressed myself in the wrong way, I meant, "I'm not so good with Firewall/NAT rules when it comes to forward traffic on pfSense, because I got lost very easily with the interface" (Too many options at once) I'm still searching on the forum and the documentation, but it gets confusing because, or only a few people are having the problems that I have, or maybe I'm looking on the wrong direction (I'm thinking this is the main reason…)
Thanks in advance!
-
https://doc.pfsense.org/index.php/Firewall_Rule_Basics
https://doc.pfsense.org/index.php/Firewall_Rule_Processing_Order
https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting
https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense
https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
-
ninjaneer, This worked for you? I'm Kind of stuck here (trying to do my first failover on pfsense), so I am guiding myself with your post (I'm not so good with Firewall/NAT rules when it comes to forward traffic). Please, if something worked for you, let us know.
I understand your frustration, having the links to the DOC's don't help everyone. I am a visual learner so the DOCs are nice if you want to understand a setting but doesn't help explain exactly what goes where.
I used this link (below) in the beginning, but I didn't care about the load balancing part. Then I start this post and derelict posted and helped me out. In the end it worked for me. If OPT1 fails, it switchs to my WAN port. Once it detects the my OPT1 is up again it auto switches back.
https://forum.pfsense.org/index.php?topic=28121.0
-
childgear, if this helps you here are screenshots of my final configuration. I think with the groups I only needed the OPT1failoverWAN1 group, I don't think i needed to have the one that starts with WAN. Its still there because I was following instructions from another post and I believe its needed if you continue on to do the load balancing part
this guys youtube video is pretty good also, if you comment with questions he replies pretty fast
DUAL WAN ON PFSENSE 2
Youtube VideoEdited to add youtube link
-
Thank you everyone!, I'll try this when the workload gets down, so I can use both links. If it worked, I'll be back with some kudos XD
-
Thanx everyone! As a newbie on pfSense this is most helpfull for me. For a couple of years i've been poking around with 2 wans and the right solution to shape traffic.
Recently i was pointed in the pfSense direction, and since that i've been reading and reading on how to implement it in my household. Like Derelict said; better read the manual before turning on the machine!Again, thanx ;)
