Extend existing pfSense setup with failover WAN and failover Firewall

  • I have the following setup:

    (feel free to edit)

    I have a pfSense box with a static WAN IP connected via PPPOE VDSL to the internet. It is also running IPSEC tunnels as well as OpenVPN for remote access to LAN, both bound to the static IP of the VDSL connection. Also, I only have one WAN static IP.

    For failover, I have an LTE Router that is not connected right now and am also planning to create a second pfSense box to take over as much of the functionality of the first box as possible. Also, assuming that either VDSL failure or failure in pfSense 1 is rather unlikely, it would be ok if some functionality was missing.

    Most to least likely problem and concern:

    1. VDSL line problem
    2. problem with the pfSense hardware
    3. if I want to reboot one of the pfSense boxes (this can take a few minutes till everything is up and running again).

    What would be a good setup (high level/diagram wise) and what are concrete things I would have to change with the pfSense configuration?


Log in to reply