  • We have a CARP multi-WAN setup with routed public IPs through an L2TP/PPP interface.

    pfSense Version 2.15 is running, as newer versions crash on the old IBM server hardware.

    We use three WANs; they are cheap VDSL/LTE connections without static IPs. Each WAN connection is running through a separate router, each router is in a separate private IP subnet (the first 192.168.240.x/24, the second 192.168.241.x/24 …), and each subnet is connected through a separate NIC to the pfSense. On each subnet I am running a CARP VIP. NAT is configured and works.
    We are getting static/public IPs routed through an L2TP tunnel from a separate provider. This connection is only used for traffic to and from the DMZ.

    Everything works fine with outgoing traffic. With incoming traffic (SMTP, web etc.) to the public IPs on the L2TP/PPP interface I have trouble:

    My challenge:

    1. The L2TP/PPP connection is running on the WAN1 CARP VIP for Provider A. But if the link for Provider A goes down, I have to change the L2TP/PPP interface manually to the CARP VIP for Provider B.
    2. After a failover to the standby CARP member, the PPP interface needs to be automatically started/enabled. Actually I need to do this manually.

