Netgate Discussion Forum

    NAT + WAN failover causing problems on WAN fail

      FlashBlue

      Right, pfSense 1.2.1, running in a dual WAN setup, with a DSL provider on the WAN port and a cable provider on OPT1. Both have direct external IPs, the WAN port through a PPPoE session on an Ethernet modem (bridged), the OPT1 through a cable modem. Failover is configured in the load balancer through the guide on the wiki.

      A few NAT entries are set up for VPN access and some standard stuff like SSH ports (22 and an alternate on 443) on both WAN and OPT.

      Works like a charm, both the failover and the NAT on both interfaces.

      Only… if the WAN link is down, all regular traffic is nicely rerouted through OPT, as it should be, but all port forwards on the OPT link die immediately and are no longer available until the WAN link is restored. Which is not the behaviour I either want or expect.

      I couldn't find any related things on Google or with the forum search, so I thought I might ask it here.

        cmb

        Known issue because of the way FreeBSD's routing table works; make sure you always have link on WAN (doesn't have to be an Internet connection, just link). There's a ticket open to fix for 2.0.

          FlashBlue

          Hmm, strange, since the WAN link is physically always up; it's either the PPP session that dies, or an upstream router, so that there is no more data connectivity, but the physical link stays up.

          Of course, if BSD looks at the PPPoE session, then that could be the cause.

          Anyway, I can live with it until 2.0 comes out.
