Netgate Discussion Forum

    Dual wan single lan with 2 servers behind NAT

      bob76535

      I need to replace another failing (D-Link) router in our office. We have killed 5 routers (of various flavors) in 3.5 years. We have two 6M down/1M up DSL connections with static IPs, as we used to have 2 webservers in the office, but we finally got one moved off port 80. Now that we don't have the 2 servers on 80 complicating the situation, we are looking to go to a dual WAN router setup with BOD/LB and failover capability. The current situation is not providing us enough bandwidth for the users on WAN1, and since some are not wireless or need print/fileshare connections, they are stuck there. The laptop users can jump to WAN2 when WAN1 is down or saturated if they don't need to print/fileshare, but that leaves them hopping back and forth between networks and leaves the wired users in the dark during an outage. I have a Draytek 3300v which does what we need, but I would rather keep that for another adventure (boss can't afford to buy it and we don't need VOIP anyways). We have discussed building a pfSense solution to handle this. I have read the 2 tutorials and the various posts on this, but I thought it would be best to run my plan by the forum to make sure it's sound and I am not overlooking anything.

      Here is what I want to set up:

      WAN1 -> Bridged PPPoE DSL modem with static IP of 216.99.123.456 -> Intel 100M NIC #1 on pfSense box

      WAN2 -> Bridged PPPoE DSL modem with static IP of 216.99.234.567 -> Intel 100M NIC #2 on pfSense box

      (both connections are from the same ISP but the IPs are not sequential if that matters)

      The pfSense box will have an Intel GB NIC connected to a GB switch which will feed the LAN.

      There will be a single LAN (192.168.1.0/24) with the following:

      Server 1 -> requires 80, 443, 21, 3389, 3306, 8181 all to be forwarded to this box's internal static 192.168.1.x IP from the static IP of WAN1

      Server 2 -> requires 8080, 53, 3391 all to be forwarded to this box's internal static 192.168.1.y IP from the static IP of WAN2

      Workstation1 -> requires 3393 to be forwarded to this box's internal static 192.168.1.z IP from the static IP of WAN2

      Workstation2 -> requires 3395 to be forwarded to this box's internal static 192.168.1.m IP from the static IP of WAN2

      etc, etc.

      I realize that the port forwarding will fail on whichever connection goes down, and that's fine.

      14 devices with static IPs (desktops, printers, NAS, company WAP, guest WAP, syslog server, etc.)

      7 laptops that will need a DHCP address assigned to them but need to use the same internal IP address every time (our current router does this by MAC address - not for port forwarding, just for tracking purposes).

      I will set up the pools and such as per the tutorials.

      Have I missed anything, or am I asking pfSense for something unrealistic?

      Thanks

      Bob

        SeventhSon

        This is pretty much what I have running (multiple clients, multiple servers, dual WAN, behind NAT).

        @bob76535:

        (both connections are from the same ISP but the IPs are not sequential if that matters)

        Only thing that could be confusing: if both links are on the same subnet/router. The rest should be no problem for pfSense.
