Netgate Discussion Forum

    Connecting two sites with failover lines using gateway groups does not work

    Routing and Multi WAN
      harald.mayer

      Hi @ll,

      We have two sites connected with two leased lines. I am now trying to set up an automatic failover with pfSense firewalls on both sites. In case one line dies, the gateways should be switched and the traffic should run over the failover line. Each pfSense should only take all it gets and forward it to the other site.

      What I did:

      • Configured a gateway group with two tiers on each site
      • Policy routed all traffic coming in at the LAN interface out to the gateway group
      • Policy routed all traffic coming in at the interfaces of the gateway group out to the LAN interface
      • Tried different scenarios with and without upstream gateways, with and without a configured default gateway, and spent some time with static routes and RIP

      It seems that traffic containing return packets does not get routed through the gateway group (no policy routing, only kernel routing). Without routes, no answer packets are coming back. As soon as I have routes, packets coming back are routed through the respective interface.

      Has anybody set up a similar scenario and can give me a hint?

      Thank You
      Harald

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.