Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Three pfsense

    Routing and Multi WAN
    3
    4
    421
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pabo02 last edited by

      i just like to ask for any idea on how to setup three pfsense for three different internet service provider because they like it that way, different provider for every department. We have file server and everyone is accessing it. I just like to know how we can setup it and still can access the servers. By the way wee dont use managed switch.

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        Why do you need 3??  Just put your 3 wans to 1 pfsense..

        So are all your departments on the same network?  Via an unmanaged switch?  Then do this.. Seems moronic to me but hey whatever.. How many users/computers in this network.. You have multiple departments with multiple internet connections. But just dumb switches?

        Or every department could be on their own network.. If you have multiple switches and use switch(es) per department.

        In the below setup your hardest part is pointing each machine to the correct pfsense.  Can be done either via static IP, or setting up reservations for each client via dhcp and splitting your scope and and only letting pfsense hand out dhcp to its known clients.


        1 Reply Last reply Reply Quote 0
        • A
          aeleus last edited by

          While there are advantages, one reason not to put all three WAN's on one pfSense box is that would result in a single point of failure. Hardly "moronic" to want to avoid that.

          I have two WAN's and two pfSense VM's running on two separate hosts. I always have connectivity regardless if there are any software or hardware issues. Each pfSense uses the other as a secondary gateway.

          There are several options when running multiple instances of pfSense. I use the XMLRPC Sync feature to manage most settings on one box and have those automatically configured on the second box. I just configure clients with two default gateways and use wpad to define multiple proxies. You can also use "CARP" for a more seamless fail-over.

          If you just need a "different provider for every department" and don't need fail-over, then under High Availability Sync just enable Configuration Sync and ignore State Sync. There's a long list of settings there that can be automatically sync'd to the other pfSense instances.

          See here: https://doc.pfsense.org/index.php/High_Availability

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            " Hardly "moronic" to want to avoid that."

            Sorry but yeah… If you want HA then setup carp.. With you using each dept with their own ISP.. They all still have a single point of failure.. Your not leveraging the different connections for any sort of failover or ha setup..

            You currently are using CARP with HA setup..  What the OP is asking for is stupid.. doesn't even have a smart switch, etc.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy