Different firewall rules for each WAN interface



  • I'm setting up a cellular based WAN interface as a failover for my ordinary ISP. This is for security purposes to ensure my camera and other security systems are available in the case my ISP fails. Since this is a metered connection, I want to make sure only those security functions are using the broadband. Is there a good guide explaining how to do this? Thanks!



  • You should set up a failover connection and then have it be used only by those devices to which you want to have access 24/7. As long as you don't make it your default gateway it really shouldn't be used by any other device on your network.

    Check the docs here: https://www.netgate.com/docs/pfsense/routing/multi-wan.html
    Or look for guides on how to set up failover with pfsense, there are lots of useful ones.



  • I read those docs. They seem simple enough. I tried creating firewall rules and they didn't do anything. I have tried various rules this morning and none of them did anything at all. Can you explain how I would setup rules to allow traffic from only one VLAN to go through my failover interface? Thanks!