Netgate Discussion Forum

    Add 2nd pfsense 2.4.4p1 server to same domain joined lan

    Problems Installing or Upgrading pfSense Software
    • dennisy

      Hello
      I apologize if this has been discussed before but I've spent days searching for answers with no real solution. I have a rather large number of servers and workstations (Windows Servers, Ubuntu, Debian, and XCP-Ng) currently working and fully accessible behind a pfSense 2.4.4p1 server and it works great. I have 16 static public IPs with the 1st pfSense server assigned to 1 of the public IPs with the gateway set to xxx.xxx.xxx.1. It's working fine. I have Windows VPN installed on a Windows Server 2016 server and Windows Server 2016 VPN and Remote Desktop Services on 2 other 2016 servers. Again, that all works fine.

      What I'm attempting to do is add a 2nd pfSense 2.4.4p1 server to the LAN as I want to use the pfSense VPN implementation versus my current setup. The end result I'm looking for is to have a 3rd pfSense server at home, connected to my office using a Site to Site VPN connection.

      I have the 2nd pfSense server set up and assigned a second public IP from my assigned block and have its WAN gateway set to the same IP as the first pfSense server, which continues to function normally. The issue is that the 2nd pfSense server is showing that the Gateway is down and has 100% packet loss. Again, all servers and workstations are joined to the same Windows domain with the domain controller also running DHCP and DNS.

      Is it possible to do what I'm attempting? If so, any pointers to where to look or what I'm missing? I love pfSense and until now thought I had a pretty good handle on it. I'm sure it's just a simple oversight on my part.

      Thanks for any assistance

      • johnpoz LAYER 8 Global Moderator

        Why would you put this 2nd pfSense on your LAN?

        Why can VPN not just run on your 1st pfSense? If you want to have HA, then set up CARP.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        • dennisy

          Thanks for the reply. Mainly to separate the traffic on the first pfSense. That one currently runs at about 35% to 55% CPU. Eventually that server will be upgraded. The thought is the 2nd pfSense at that location will be used exclusively for the VPN access. If the VPN access begins to affect the traffic through the main pfSense server, I'll just cut the site2site access out of the picture. I have limited bandwidth available (400/25) so the site2site is a nice-to-have to eliminate running to the building when something goes bonkers there. I may try enabling the site2site on the 1st server and see what happens. Is it possible to run site2site and road-warrior on the same pfSense server? Needless to say, because I had been relying on RDS for the past few years, I'm a noob on the VPN side of things.
