4. 2 links 1 ip address.

2 links 1 ip address.

  • M

    hello eveyone!!!! I have  a fiber connection.The isp has provided me with a static ip config.However he has provided me with two links. 1 fiber link and other a cat5e link for backup.He has told me that in casde of a fiber cut to use the backup link.Is there any way to configure it in such a way that if the fiber link fails pfsense will automatically handover the traffic to the backup link? He has provided me with a single ip configuration.

    0
  • M

    Hi mafioisa,

    Looks like you have a similar issue to mine - I opened a thread yesterday.

    If I get feedback or resolve my issue, I will update you here.

    What have you tried so far to get this working?

    Wouldn't it work for you if you simply
    1. create gateway-groups for the two routers on the connections to the single IP,
    2. setup the tier 1 and tier 2 for the gateways within the group and
    3. add firewall rules allowing that traffic, using the gateway-group as the gateway in the rule

    In my case, my primary connection goes via a router containing an IPSEC so I am not sure how to force the swap if the tunnel goes down and not the gateway ;-(

    Cheers,

    0
  • M

    Hi again mafiosa,

    See my thread for an update on my issue - seems it's not possible without some routing process in place (in my scenario…).

    In your case, if you have 2 gateways i.e. one for the fibre and one for the secondary line, the gateway-group setup provided by pfsense should work for you.

    Cheers,

    0
  • N

    @mannyjacobs73:

    Hi again mafiosa,

    See my thread for an update on my issue - seems it's not possible without some routing process in place (in my scenario…).

    In your case, if you have 2 gateways i.e. one for the fibre and one for the secondary line, the gateway-group setup provided by pfsense should work for you.

    Cheers,

    Interesting that pfSense doesn't account for a scenario like that.  It would seem like it would be quite easy to code something to perform this functionality.  A simple ping once a minute behind the scenes could solve this.  If pfSense pings the main line and the ping fails, it could be programed to route to the backup line.  Hell, I can write a powershell script to peform this scenario in under 5 minutes.

    In other words, I am surprised pfSense didn't program high availability and failover measures into their product.  Still great product tho.  Just saying. LOL

    0
  • Netgate

    Seems like something at layer 2 such as RSTP might be more appropriate in that case. You are changing layer 1/2 - not 3.

    There are HA and failover capabilities included. That they do not fit your particular use case/ISP method is secondary.

    This thread is woefully short on details from the ISP regarding what is really going on.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy