Dual Firewall, dual WAN
-
Hi,
My current ISP only supports 1 IP issued by a DHCP.
I have a dual firewall, and I have CARP setup for my LAN, but for my WAN it isn't possible as I only have 1 IP.
1 solution is no make a script that failover from FW1 to FW2 in case FW1 is down or have no connection.Well. I found another ISP that can provide up to 4 IP addresses, probably some random IP's issued by DHCP.
would it be possible to setup PFSense with either CARP failover,
so order 3 static IP's?alternative have 1 static IP for each firewall, so no CARP failover.
Keep in mind I also have a 4g/5g modem for loss of fiber.
-
@blank said in Dual Firewall, dual WAN:
I found another ISP that can provide up to 4 IP addresses, probably some random IP's issued by DHCP.
This probably means, that you get a DHCP IP from the ISP and the static IPs are routed to it.
Hence all IPs hook up on a DHCP in fact. Even some are "static", a DHCP client is required to get them.So this might not improve your options at all.
-
If I understand correctly, that could be done via properly configured priority in both GW on WANs and CARP VPIs on Local network.
-
@Tadmin
A CARP setup requires at least two IPs within a subnet for the two nodes and a shared CARP VIP. All three have to be static to get CARP work out of the box. A shared DHCP VIP is not supported.However, people posted workarounds here to get it up with DHCP as far as I remember. But this needs some scripting. Try the forum search.