Netgate Discussion Forum

    Failover only, how?

    • sporkme

      I've got two connections, both with a block of static IPs.  I pay for one of them, the 30/5 business cable service.  The other is from work and it's a 6.0/768 ADSL line.

      All I really want is a failover setup.

      The multiwan docs are not at all clear for simple failover.  My primary line is so much faster than the DSL that I don't think "balancing" is appropriate.

      Where I get lost is in creating the pools - I think I just need two - the third appears to be where the load balancing (that I don't want) takes place.

      This is what I have:

      | Name | Type | Servers/Gateways | Port | Monitor | Description |
      |---|---|---|---|---|---|
      | CVfailstoBWAY | gateway (failover) | opt1 wan | | 216.220.96.17+67.83.242.65 | Bway preferred when CV fails |
      | BWAYfailstoCV | gateway (failover) | wan opt1 | | 67.83.242.65+216.220.96.17 | CV preferred when Bway fails |

      As far as I understand it, this is correct.  I would imagine I could even make do with a single pool, right?

      Where I get totally lost is the step with the firewall rules.  In the example, default points to the LoadBalance pool.  In a failover, I would assume I'd point to CVfailstoBWAY.

      Additionally, is there anything to be touched in the NAT section?

      I also have inbound rules, but I'm not very concerned with duplicating those on the ADSL circuit.  Is there anything to alter for inbound rules and nat?

      edit:

      Also, just did this fresh yet again.  When I set the gateway in my LAN rules to either failover pool, I get no traffic out whatsoever, no logs of blocked packets, and plenty of state entries.  I've reset the state table, reloaded the rules, but nothing goes out.  The Load Balancer status page shows everything as "up".  I cannot even ping either of the ADSL LAN side IPs, not even the one assigned to pfsense.  I am clearly missing something big…

      • Perry

        > The multiwan docs are not at all clear for simple failover

        I'm working on it.

        > As far as I understand it, this is correct.  I would imagine I could even make do with a single pool, right?

        Correct

        > Additionally, is there anything to be touched in the NAT section?

        Nope

        > I also have inbound rules, but I'm not very concerned with duplicating those on the ADSL circuit.  Is there anything to alter for inbound rules and nat?

        Nope

        > CVfailstoBWAY gateway (failover) opt1 wan 216.220.96.17+67.83.242.65 Bway preferred when CV fails

        I prefer wan opt1 (different from the docs). Are those IP addresses your DNS servers? If not, you'll need static routes for each DNS server.

        ![pfSense.local - Firewall: Rules_1232234704028.png](/public/imported_attachments/1/pfSense.local - Firewall: Rules_1232234704028.png)
        ![pfSense.local - Load Balancer: Pool_1232234748033.png](/public/imported_attachments/1/pfSense.local - Load Balancer: Pool_1232234748033.png)

        /Perry
        doc.pfsense.org
