Two Pfsense each with Seprate Internet routing each other

johnpoz

"(the wan is down on pf2 [192.168.10.0/24])"

well that would be a problem now wouldn't it.. How would it work if the wan is down?? That has nothing to do with the transit or connectivity between the pfsenses, etc.

Why do you have 2 transits?

What sort of wan do you have that it doesn't show an interface assigned to it for speed and duplex, etc.

irs

The wan is down since morning on site 2 (pf2) but the site 1 has the internet (pf1) wan is working

irs

@johnpoz:

"(the wan is down on pf2 [192.168.10.0/24])"

well that would be a problem now wouldn't it.. How would it work if the wan is down?? That has nothing to do with the transit or connectivity between the pfsenses, etc.

Why do you have 2 transits?

What sort of wan do you have that it doesn't show an interface assigned to it for speed and duplex, etc.

i made another Transit just to see if i have made something wrong.

irs

if one wan on any pf goes down wouldn't it takes over to other pf wan which is up through transit?

irs

what should I do?

johnpoz

Yeah if you set it up like that.. But yours doesn't seem down - it was pending, and looks like you removed the interface from it or something?

And why do you have 2 transits? How did you configure your failover? You should simulate it being down by blocking ping at pfsense gateway, that is how I did it. Or mark the gateway down. But you should validate that your can talk to each others networks and go out your local wan before trying to test the failover, etc.

irs

i have changed the transit now only one transit

irs

it is showing up online now

![pf2 dashboard update.PNG](/public/imported_attachments/1/pf2 dashboard update.PNG)
![pf2 dashboard update.PNG_thumb](/public/imported_attachments/1/pf2 dashboard update.PNG_thumb)

irs

pf1 internet is working fine, still can not figure out what mistake i made?

![ping 2.PNG](/public/imported_attachments/1/ping 2.PNG)
![ping 2.PNG_thumb](/public/imported_attachments/1/ping 2.PNG_thumb)

ping.PNG_thumb

irs

can you explain from where the gateway 192.168.9.253 and 192.168.2.253 comes from

you have used in your snapshot
System > Routing > Gateway

Thx

irs

I tried again but same no luck, completely from scratch.

Both firewall communicate each other but can not access Internet.

I created transit on both firewall

Created LAN on each of them

Gateway, Static route and gateway group failover on each pfsense

Firewall LAN allowed

firewall Transit interface allowed

but unlucky to get the internet

please help me to find the problem?
Thx

johnpoz

"can you explain from where the gateway 192.168.9.253 and 192.168.2.253 comes from"

As I told you already - those were my wan_dhcp gateways in the downstream pf1 and 2 I setup.. That is just my internet in my setup to mimic yours. Here is a drawing..

"Both firewall communicate each other but can not access Internet."

Who can not access internet, can your 2 networks talk to each other? 192.168.0 and 192.168.10? Did you mess with outbound nat? When you create your downstream route it should automatic create your outbound nat for you.

Your going to have to post your setup if you want me to spot what your doing wrong. How is it showing online when shows NO interface or connection just "NONE" How does your wan have a 0.0ms response time??

setupsimyoursetup.png_thumb