Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Intermittent Failover to Backup WAN – Unable to Reach Firewall GUI/SSH

Routing and Multi WAN

1 Posts 1 Posters 22 Views

Log in to reply

M

martintamare
last edited by
Hello community,

We’ve run into an intermittent failover issue on our pfSense deployments and would greatly appreciate your insights.

Environment & Scale
- pfSense version: 24.11 (latest patch)
- Primary WAN: Mainly PPPoE
- Backup WAN(s): Static IPv4 circuits
Existing Configuration
- Management Access
  - SSH
  - HTTPS GUI
  - Access restricted via an alias containing only trusted IP addresses (no DNS)
- Gateway Setup
  - Default IPv4 gateway is set to Automatic OR points to a Gateway Group
  - Gateway Group does not include the lowest-priority backup WAN by design
Observed Behavior
1. When the primary PPPoE WAN goes down (or multiple WANs fail), we should have access to the GUI/SSH over the backup link. But it doesn't
2. On normal situation where all WAN are up, accessing via the backup link is working as expected
Troubleshooting Performed
- Verified gateway statuses in Status → Gateways (both online/online_degraded as expected)
- Confirmed alias entries and firewall rules were unchanged
Questions & Next Steps
1. Does anyone already experience similar intermittent failover behavior
2. Are there any known gotchas or recommended tuning parameters for gateway monitoring, group membership, or rule evaluation order that might help?
3. As we don't have a remote access so far we are unable to get more insight from what's happening : what would be necessary command to add more insight
Best regards,
1 Reply Last reply
Reply Quote 0

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.

1 / 1