pfSense to Sonicwall with failover on Sonicwall



  • I have a pfSense hosted behind a Datacenter/virtual IP. That is to say that the pfSense will only ever have one WAN IP, even if it fails over between ISP providers.

    I have a few satellite locations with Sonicwall. Previously we leveraged Sonicwall to enter 2 peer gateway IP addresses per Phase 1 to cause rapid failover between ISPs.

    pfSense does not seem to support multiple remote gateway entries like Sonicwall, so my question is how to best implement failover from the Sonicwall side?

    • pfSense will always be: 1.1.1.1

    • Sonicwall is: WAN1: 2.2.2.2 WAN2: 3.3.3.3

    I will use dyndns if I have to, but I am not keen on it for several reasons, mostly time.


  • Rebel Alliance

    System / Routing / Gateways

    System / Routing / Gateway_groups

    There is even a section on it in the pfSense book.

    HINT: The monitor_ip on a gateway doesn't need to be "directly attached" ;)



  • @Perforado thanks for the reply!

    The dual gateway is on the Sonicwall, not the pfSense.

    What I am wondering is how to best leverage Sonicwall failover to a site pfSense IP.


Log in to reply