Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can you failover WAN to dynamic IP?

    Scheduled Pinned Locked Moved Routing and Multi WAN
    3 Posts 3 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MikeDaniels
      last edited by

      I wanted to setup my HA cluster of netgears to be able to fail over the WAN port to a service that will give me a dynamic IP. Is this possible? Is this supported? I don't want to do a one-off on this, I want to do it by the book if its possible.

      I've seen lots of comments about this and from what I can tell, this doesn't work. If I've simply come across the wrong articles, I'd appreciate it if someone could let me know and correct me.

      Thanks!
      Mike

      1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire
        last edited by

        If you're looking to have the second WAN ISP use a dynamic IP yes that's possible as we have a client with that scenario. If using a dyndns service and it's configured in pfSense, then pfSense should register the new IP.

        If you're trying to use the same IP on both then that won't work unless SD-WAN is used. (apologies if I'm misunderstanding)

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote ๐Ÿ‘ helpful posts!

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          It won't be "proper" HA as there is no way for the dynamic WANs to participate in CARP or to trigger an HA failover. There would be no seamless failover of clients if the primary node failed to the secondary while the dynamic WAN was in use.

          So it can function in the most basic sense -- Multi-WAN could possibly work (gateways may be tricky, for one) but it wouldn't be a good experience and that's one of the reasons we say that type of configuration is unsupported.

          If there is only a single shared CPE for the dynamic WAN, you could enable routing mode in the CPE (if it has one) and then setup HA w/CARP on pfSense in the private subnet behind it. Setup 1:1 NAT on the CPE to map all traffic on its public address to the private CARP VIP.

          That won't work if each HA node has its own separate second WAN, though.

          Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.