Trying to get multi-WAN working
-
noob here (sorry!)
I'm trying to get PFSense connected with multiple WANs
I have WAN connected to a Comcast box;everything works OK with just this connected (ping DNS addresses, etc.)
I am trying to get an additional WAN setup, referencing https://doc.pfsense.org/index.php/Multi-WANI have a DSL box, which is in bridged mode, I have tested connectivity with a laptop set with ip, gateway and mask and plugged into the DSL box. Works fine.
I have renamed OPT1 VERIZON_DSL, and have set ip, gateway and mask. I have added a DNS server (8.8.8.8) using the Verizon gateway. (8.8.4.4 uses Comcast)
I have set monitor IPs for both gateways.I have created a gateway group "failover" with both gateways in it.
Comcast set to tier 1, Verizon to tier 2 (want fail-over, not load balancing).
I have Comcast set as the default gateway.
In firewall/rules, I have modified the pass/LAN/any rule to have gateway "failover"With my Comcast (wan port) unplugged, I can ping an ip address from a PC connected to the firewall LAN port - or from the firewall diagnostics, selecting source 'LAN', but I cannot ping a DNS address, like 'www.google.com'.
I have ensured the DNS server uses the Verizon gateway. I've added some Verizon specific DNS servers, also using the Verizon gateway.I'm sure I've missed something obvious - but what?
Thanks for any help!
-
Are you doing the ping from pfSense to outside (e.g. Google)?
It's important because the firewall rules (policy routing) don't apply to traffic from firewall. For that situation you should enable the gateway switching (according to System > Advanced > Miscellaneous)If you're trying the ping from the PC, you must look over the outbound NAT settings, to be sure the traffic from LAN is translated to the secondary WAN IP.