Bi-directional Multi WAN Failover

tfcbacct+pfsense

Greetings,

I am new to pfSense and attempting to implement an automatic bi-directional failover between two identical pfSense boxes using Multi-WAN.

Both pfSense boxes have three interfaces: WAN.Internet, WAN.Local, and LAN. On each box WAN.Internet is connected to an ISP that provides a single IP address via DHCP. WAN.Local is a physical ethernet cable between the two pfSense boxes. Each LAN port is connected to its own switch. I know this sounds a bit strange but the physical connections can't be changed. The WAN.Internet/LAN connections work just fine. The LANs on either side of the connection are private and either side shouldn't have any access to the other (beyond what access they could have over the Internet).

The problem is with the WAN.Local connections. WAN1.Local and WAN2.Local are defined with static IP addresses and the opposite end defined at the Gateway:

WAN1.Local is 192.168.10.1/24 with Gateway 192.168.20.1
WAN2.Local is 192.168.20.1/24 with Gateway 192.168.10.1

I created a Gateway Group on both sides using WAN.Internet and WAN.Local.

My naive hope is that if WAN1.Internet goes down then WAN1.Local could automatically route packets through WAN2.Local/WAN2.Internet. I've tried using static routes but haven't made any progress.

Any suggestions on how to make this work?

Cheers!

Tim