2 pfsense devices -> BT Openreach Modem

  • What exactly are you trying to do here?

    For example - double your internet speed or setup redundancy, have 2 separate and distinct LAN networks behind 2 separate pfsense boxes, host some servers or services out to the internet (game servers, file servers, etc.), or what? Tell us what you're trying to do.

    Is this a SINGLE modem to 2 different pfsense boxes? If so, and you're trying to do one of the things mentioned above, you would get your ISP to route you multiple public facing IP addresses so you can do server stuff (see above) with these connections. If that's what you're doing, that can all be done with 1 WAN connection on 1 pfsense box.

    So, long story short... please tell us what you're trying to do.


  • @akuma1x Thanks for the reply, suprisingly nice.

    Basically I'm looking to have 2 seperate networks as I've had trouble with having these groups of devices on a single device. I'm also going to lock down and restrict the traffic of the second device as it only needs to meet a specific purpose.

    Yes, my main goal would be the have the second pfsense device connected to the first (main) device as it would go through another VPN connection and have an IPS on it however I can set up two using 1 openreach modem if needed. Basically, in order, here's how I want my network to function:

    Network 1:
    Computer -> pfsense inner device -> IPS -> OpenVPN -> pfsense outer device -> IPS -> OpenVPN -> Openreach Modem -> Internet

    Network 2:
    pfsense main device -> IPS -> OpenVPN -> Openreach Modem -> Internet
    pfsense secondary device -> IPS -> OpenVPN -> Openreach Modem -> Internet

    1 pfSense router with vlans on the lan interface and a switch that supports vlans.

    I highly doubt than you’ll get 2 different Ip addresses from the modem.

    You can route different vlans via different VPN’s that terminate on the same WAN interface.

  • @NogBadTheBad I understand that. I don't want 2 seperate IP's from that WAN device, I want both to access the same IP and use it, my need is that there be 2 pfsense devices. That's what I'm trying to achieve.

    Have you unlocked the modem or replaced it's firmware? The second Ethernet port is not normally active on Openreach modems.

    Is it still running in modem mode?
    The only way you could connect two pfSense devices to the modem is if it's running as a router. In the default modem mode you use a PPPoE session from pfSense and you can't create two PPPoE sessions.

    You should use just one pfSense box behind the modem connected via PPPoE and have two subnets on separate interfaces behind that. You can that have them fully isolated or allow connectivity between them as required.


