• I have pfSense set-up to failover to a cellular modem. This is all working fine. I also remote into the network via OpenVPN. When on the primary WAN, thats works fine too.

    But, when on failover I've run into a problem: The IP address reported by the pfSense Dynamic DNS service is not the actual IP address of Cellular modem. The network status of the cellular modem reports a different IP. In testing, if I use the IP address reported by the cellular modem during failover condition, I can remote into the network just fine.

    If I search "Whats My IP address" in a search engine, I get the IP address that pfSense Dynamic DNS is report (not the modems actual IP address).

    Any suggestions how I can get pfSenseSynamic DNS service to report the actual IP addres of the modem?

  • LAYER 8 Rebel Alliance

    Sounds like your callular ISP is using CGN (Carrier-grade NAT) - that is very common for mobile connections.
    Behind CGN you can't just open incoming ports, best is to talk to your ISP and ask for options if this is a must have for you. Some ISPs can give you a real IP with business contracts - for extra cash of course. ;-)

    -Rico


  • Thanks. The interesting thing here is that I can remote into the network using the IP reported by the cellular modem on its internal status page. But, on failover, the IP being reported by the Dynamic DNS service and "What's my IP" is different than the IP being reported by the cellular modem. On failover, the IP address does change from my WAN address to another IP, this new IP address does get reported by the Dynamic DNS service, its just not the same IP as the modem displays on its internal status page.

    In other words, if the cellular modem was being reported to my Dynamic DNS service then I'd be able to remote into the network on failover. But, as its now stands, I have no way (that I know of) of determining the actual IP address of the cellular modem on failover. So, there something odd going on with how the IP is being determined.