Concurrent Multi-WAN
-
Hi, I am just after some help setting up a dual-WAN setup because I can't seem to figure out what is going on. It seems simple enough from the outside but I'm completely lost.
I have a pfsense PC with 3 network interfaces. I would like to set this up in a concurrent Dual-WAN setup. My end goal is to basically use WAN1 for all outbound traffic (plus an inbound VPN), and WAN2 only for traffic with a destination of a 172.X.X.X network. This is not a load-balancing or failover setup as I want both WANs online at the same time. I understand this requires static routing and maybe a firewall rule or two, but I have not got to that stage yet.
Basically, I'm struggling to get my WAN2 interface "Up". I have enabled it in the interfaces, I have assigned it to the correct hardware interface, I have assigned it a gateway. But no matter what I do, it refuses to go online. Is there a setting I am missing when it comes to dual-WAN configs as I have set up the second WAN essentially identically to WAN1. My setup is as follows (I have verified all IPs and subnet masks to be correct):
WAN1:
IP: 192.168.6.50
Subnet Mask: 255.255.255.0
Gateway: 192.168.6.1
DNS: 8.8.8.8WAN2:
IP: 10.91.0.2
Subnet Mask: 255.255.240.0
Gateway: 10.91.0.1
DNS: 8.8.4.4LAN:
IP: 192.168.0.50
Subnet Mask: 255.255.255.0
Gateway: NoneI have not applied any further rules, routes or settings. I am simply just trying to get WAN2 "Up" and the gateway "online". By patching in through the LAN and setting my gateway as pfsense, I am able to reach the 192.168.6.0/24 network, but naturally unable to reach the WAN2 network/gateway.
-
@aiden21c
The gateway state is determined by pinging it. Offline means that it is not responding to pings.You can state an alternative IP behind the gateway for monitoring in the gateway settings.
-
@viragomann the thing is though, it SHOULD respond to pings. The gateway is exactly the same device, set up in exactly the same way as WAN1. When I connect my laptop to WAN2 directly, it is more than happy to respond to pings, but I am unable to ping the Pfsense IP even when I'm directly on the WAN2 network.
-
@aiden21c said in Concurrent Multi-WAN:
The gateway is exactly the same device, set up in exactly the same way as WAN1.
But it's a second router?
but I am unable to ping the Pfsense IP even when I'm directly on the WAN2 network.
pfSense will block access on any other interface than LAN by default.
But the gateway should be ping-able. -
@aiden21c If pinging the monitoring IP is an issue, in System/Routing you can edit the gateway and check "Disable Gateway Monitoring."
-
@steveits
If he want to use gateway failover in the future, however, this would be a bad idea.
Better to set any public IP, which is responding to pings. -
@viragomann this is not the issue. The issue is that the gateway is not operational at all. Pfsense is unable to use the gateway to access the public internet. The gateway should be responding to pings, and it should be providing internet access but it is not because the WAN2 port is not operation in its current state. The issue does not lie in simple "visibility" of the gateway, but in the function of WAN2 as well.
-
@viragomann said in Concurrent Multi-WAN:
@steveits
If he want to use gateway failover in the future, however, this would be a bad idea.
Better to set any public IP, which is responding to pings.Agreed but it's a workaround to force it "online."
@aiden21c Is the interface link up/correct? Status/Interfaces, check Status and Media.
-
@steveits the link itself is not up. I may have not been the best at explaing this, but essentially I am having no successful traffic on the WAN2 interface. This is regardless whether the gateway is "forced" online or not. The interface itself is showing as "no carrier".
-
@aiden21c Patch cable? Put a switch between pfSense and to what it connects? Bad port?
-
@steveits I found it and I am extremely annoyed. It was a bad patch lead.
-
@aiden21c it’s always the last place you look…