XG-7100 Dual WAN how to set the Mac Address?

stephenw10

So you have two WAN connections but they are from the same ISP and it's using the same subnet on both?

You will have problems there anyway as they probably share the same gateway so you won't be able to route to them separately.

You can create two MAC addresses by separating the internal lagg and using VLANs on each interface. Each is connected to the switch at 2.5G so it's unlikely you will see a reduction in throughput.
It's a multi-step process though and you need some access that isn't via the switch or you will almost certainly get locked out! At least have the console connected so you can roll back changes.

Steve

iculookn

@stephenw10
Thanks for the reply, all sounds like not the right way to proceed. Looks like I need to replace the XG-7100 with something that can support my environment.

Yes, I have 2 x 1Gb WAN from the same ISP. Not using them for redundancy/failover, but for policy-based routing

Thanks

stephenw10

You can use the XG-7100, splitting the LAGG is not that difficult. If you open a ticket with is we can provide you with a basic config with that already done.
https://go.netgate.com/

However you will not be able to policy route if the gateway is the same on both WANs and it sounds like it might be. That applies to any pfSense install.

Steve

iculookn

@stephenw10

ok, thanks. have put in the request.

Can you elaborate more on the issue that I might not be able to policy route anyway?

Is there a way to test/check before I make the changes?

Thank you

stephenw10

Because you said the two WANs shared the same subnet I thought it very likely they would be using the same gateway IP which is a problem because pf uses that to route to:

https://docs.netgate.com/pfsense/en/latest/multiwan/considerations.html#multiple-wans-sharing-a-single-gateway-ip

Should be quite easy to check the gateways on each WAN to know for sure.

If necessary you can NAT one of them with a SOHO router in front of pfSense which works around the problem.

Steve

iculookn

@stephenw10
Ok I have loaded the config supplied (7100-IX2&IX3.XML) and I tried to follow the video here
https://www.netgate.com/resources/videos/configuring-netgate-appliance-integrated-switches-on-pfsense-244.html

but I am just confused now and end up either kicking myself out of the LAN or the WAN.

I have a working box, but I cant get the 2nd WAN port enabled.

PORT 1: WAN1
PORT 2: LAN
PORT 3: WAN 2

My switch VLANS are as follows (I think VLAN 1 is not right)

Ports

Interface Assignments

VLANS

VLAN Config

I am confused about which "Parent Interface to select"

I know both my WAN ports are working as I can plug in my pc and I get a DHCP WAN IP and to close off your point about wan gateway, I can confirm I have 2 separate WAN IP's in different ranges with different default gateways

Any help would be greatly appreciated.

Thanks
Eric

stephenw10

Eric, hmm yeah there are a number of things wrong there. Is that the config as we sent it to you? or after making changes?

I'm reviewing what we sent.....

Steve

stephenw10

Ok I see. I have replied on your ticket with a complete config setup for dual WANs with different MAC addresses.
Please try that and let us know how it goes.

Steve

iculookn

@stephenw10
Ha, no that mess is after I played with the config. Will try your new config tonight

Thanks

iculookn

@stephenw10 THANK YOU.

That config made more sense. all working now. Even have a policy-based rule setup to direct all my nestcams to WAN2

THANK YOU

stephenw10

Nice.