Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Temporarily use WAN1 for CCTV

    Scheduled Pinned Locked Moved Routing and Multi WAN
    5 Posts 2 Posters 524 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ymcanY
      ymcan
      last edited by

      We have a pfSense firewall with two WANs, load balanced as described in https://www.cyberciti.biz/faq/howto-configure-dual-wan-load-balance-failover-pfsense-router/. This works well most of the time.

      However occasionally we need external access to the CCTV recorder that sits on the LAN. Is there a way I can temporarily assign WAN1 to the CCTV recorder so we can easily use the recorder remotely, while at the same time routing all other traffic over WAN2? And then when we are finished switch back to the load balancing scenario?

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Best option is to configure an OpenVPN remote access server. That way, you can connect securely to your LAN any time for anywhere.

        Next option would be to port-forward the CCTV to whatever WAN you want. This is bad since it gives everyone on the Internet direct access to your cameras, and those things are famous for being riddled with security bugs. This also gives your cameras access to the Internet which is often a BAD things, as some models have been caught phoning home to China doing who-knows-what.

        1 Reply Last reply Reply Quote 0
        • ymcanY
          ymcan
          last edited by

          What we have done is port forward and only accept connections from our office static IP, so that way nobody else can get to the CCTV recorder.

          However I think I did not explain my problem properly. We have 24 clients who use the LAN to access the internet, and most of the time they utilise all the bandwidth of both WANs, so when we need to check the CCTV there is not enough bandwidth to do that. Because of that I want to be able to temporary break the load-balancing and dedicate WAN1 to the CCTV recorder, while clients can continue to use the internet via WAN2 (be it at half the bandwidth). I was hoping I could just enable a rule that does this for me, but I have not been able to work out how to do that.

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            You should look into traffic-shaping but I'm not sure how hard it is to configure with multi-WAN.

            1 Reply Last reply Reply Quote 0
            • ymcanY
              ymcan
              last edited by ymcan

              I was hoping to setup a blocking rule for everyone but the CCTV recorder for WAN1, but I'll have a look at traffic shaping and see what I can do there.

              Thank you for your help.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.