SG-2220 - VLANs on the WAN side?

  • I got SG-2220, which only has two ports - LAN and WAN. I want to create connectivity  redundancy by adding a mobile hotspot as emergency fail-over option. Since there is only one WAN port, can I get VLAN capable switch (like edgerouter lite, etc) and run cable modem and mobile hotspot into it, then connect one port to pfSense WAN port?

    I could setup VLANs on the router, and add corresponding VLANs on PfSense. Does this setup make sense? Would it work?

  • Netgate

    Yes. You can have VLANs on WAN going to an outside switch to two or more different providers.

    pfSense: vlan 100 vlan 101

    Switch: tagged port vlans 100 and 101 to pfsense, untagged 100 to ISP 1 modem, untagged 101 port to ISP 2 modem.

    It will be functionally equivalent to having two different WAN interfaces.

    You will have to understand that powering off and on one of the modems won't trigger a DHCP renewal event on pfSense because the port will not go down from its perspective. You might have to release renew manually, etc, if that ever arises.