Failover between 2 different geographic sites.
-
I have two offices, let's call them Fred & Mabel. Both F&M connect to the internet through their own individual FTTP WAN connection, & both locations use a pfSense firewall between their LANs and WANs. Now, F&M are about 2km apart and there's line-of-sight between them. There's a microwave connection between F&M. This connection is through the pfSenses on dedicated NICs, and F&M's pfSenses have gateways set up for this link and static routes to each other's pfSense-connected LANs. So, for example, when accessing Fred's LAN from Mabel, the traffic is routed over the microwave link, not via the internet.
How can I configure these pfSenses so that if one WAN connection goes down, the traffic that would have gone over that WAN is routed over the link to the WAN in the other office? For example, Mabel's WAN fibre is cut, so Mabel's LAN clients fail over to use the WAN in Fred via the microwave link.
p.s. I searched the forums, and this was the closest I could find, but the thread ends dangling...
forum.netgate.com/topic/64501/dual-pfsense-boxes-dual-internet-connections-carp-failover-help/13
-
For Fred's side:
Edit the gateway to Mabel and set a public IP for monitoring. Add a gateway group and add the WAN GW as Tier 1 and Mabel GW as Tier 2. Set the trigger level to Member down.
Go to Gateways and set this gateway group as the default gateway. Do the same with Fred's GW on Mabel's pfSense box.
Little inconvenience: If Mabel's WAN goes down, on Fred's box the gateway to Mabel gets shown as down, however, traffic to the other side should flow anyway.
-
Thank you very much! That works, I'm most grateful.