Port forward from LAN to WAN with failover
-
Hi,
I have a stupid device in LAN which connects to some specific WAN address. But the WAN host frequently changes its IP address (only 2 values are possible: X:X:X:X and Y:Y:Y:Y). It's very hard to change the IP in this device.
So I set up a port forward: the stupid device connects to pfsense 192.168.43.11:60000, then pfsense forwards it to X:X:X:X:80.
Periodically I have to manually change X:X:X:X:80 to Y:Y:Y:Y:80, Y:Y:Y:Y:80 to X:X:X:X:80.
Is it possible to set up "failover", i.e. if X:X:X:X:80 is not available, then forward to Y:Y:Y:Y:80 and vice versa? Or maybe there should be another approach altogether?
-
NAT forwarding occurs normally from LAN to WAN, so creating an explicit port redirect on your PFS seems pretty pointless.
You don't say what sort of 'stupid device' you have in your LAN, or how tolerant it may be of disconnects. You might be able to get around the problem using round-robin DNS, or alternately set up a load-balancer (e.g. HAProxy) to act as a proxy for the two target addresses.
-
Thanks, will try your solutions.
Port forwarding was made in order to change the address remotely in pfsense, as I can make changes in this device only locally.
The device is some TV box.
-
Tried this solution:
https://forum.pfsense.org/index.php?topic=64414.0
From pfsense works fine, later will test from tv-box.
-
Round robin DNS works well.
1. create file /roundrobindns.txt
Content of roundrobindns.txt
--start--
X.X.X.X anyhost.anydomain
Y.Y.Y.Y anyhost.anydomain
--end--
2. add addn-hosts=/roundrobindns.txt to DNS Forwarder->Advanced
3. set stupid device to connect to anyhost.anydomain
Thanks!
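Round-robin answers keep including an address while that host is down, so the following is a health-checked variant of the hosts file from the post above, given as an added example that is not part of the original thread. It assumes `nc` and `pkill` are available on the firewall and that the script is run periodically (for example from cron); the function names are made up for this example.

```shell
#!/bin/sh
# Added example: keep only reachable targets in the addn-hosts file.
HOSTS_FILE="${HOSTS_FILE:-/roundrobindns.txt}"   # path used in the post
NAME="${NAME:-anyhost.anydomain}"                # name used in the post
PORT="${PORT:-80}"                               # service port from the thread

# probe IP PORT: succeeds if a TCP connect completes within 3 seconds.
probe() {
    nc -z -w 3 "$1" "$2" >/dev/null 2>&1
}

# render_hosts NAME PORT IP...: prints one "IP NAME" line per reachable IP.
# If nothing answers, prints every candidate so the name still resolves
# (same result as the static round-robin file).
render_hosts() {
    name=$1; port=$2; shift 2
    live=""
    for ip in "$@"; do
        if probe "$ip" "$port"; then
            live="$live$ip $name
"
        fi
    done
    if [ -z "$live" ]; then
        for ip in "$@"; do printf '%s %s\n' "$ip" "$name"; done
    else
        printf '%s' "$live"
    fi
}

# update_hosts FILE NAME PORT IP...: rewrites FILE only when the content
# changed. Returns 0 if the file was rewritten, 1 if it was left alone.
update_hosts() {
    file=$1; shift
    new=$(render_hosts "$@")
    old=$(cat "$file" 2>/dev/null || true)
    [ "$new" = "$old" ] && return 1
    tmp="$file.tmp.$$"
    printf '%s\n' "$new" > "$tmp" && mv "$tmp" "$file"
}

# Usage: sh failover-hosts.sh --apply X.X.X.X Y.Y.Y.Y
if [ "${1:-}" = "--apply" ]; then
    shift
    # dnsmasq (the DNS Forwarder) re-reads addn-hosts files on SIGHUP.
    update_hosts "$HOSTS_FILE" "$NAME" "$PORT" "$@" && pkill -HUP dnsmasq
fi
```

A device that holds on to a resolved address keeps using it until it looks the name up again, so failover is only as fast as the device's own re-resolution.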
-
@red_cat1930 said in Port forward from LAN to WAN with failover:
oundrobindns.txt
–start--
X.X.X.X anyhost.anydomain
Y.Y.Y.Y anyhost.anydomain
--end--
2. add addn-hosts=/roundrobindns.txt to DN
One simple way to do it now is just to 1:1 NAT Mappings your WAN to your Failover. So go to
Firewall / NAT / 1:1
and add an entry for your Failover interface, with the Failover IP as the External IP and the internal IP being the regular WAN IP
Sorry... this is the best SEO for this subject.