Multi WAN - Load Balance between private/internet traffic?
I have searched and haven't quite found an answer to the question at hand so I'm posting here.
We have two WAN connections and a request from the CEO to make this work.
The first is a 3.0Mb MPLS circuit that is used primarily for private traffic between our servers/branch locations. It does provide internet connectivity in addition to the private traffic for all of the branch locations because it is the only drop to those sites. This is a managed service that is done for us in network, we do not own the equipment doing the MPLS, but can request/make changes as required.
That said, the corporate offices have the 3Mb MPLS circuit in addition to a Verizon FiOS 50/20Mb circuit for internet connectivity.
What we are looking for is a solution in which we can direct all private traffic across the MPLS circuit and all internet traffic across the FiOS connection ONLY for the local facility.
Is this something that can be accomplished with pfSense? We are open to ideas on solutions, and if necessary we are willing to Bounty/Bid for this feature.
We do not have the expertise on staff to manage a super complex scenario so we are searching for a manageable solution with the limited expertise we have.
If I understood this correctly you do not want load balancing but Multi WAN. If you setup pfsense with the two WAN connections you can specify what traffic to route where in what direction. So yes pfsense can do this (and a lot more).
If this will be manageable depends on the structure of the network and the services in use between the offices.
I guess I misunderstood how the dual wan portion worked. If its just as simple as setting up dual wan, that's great!
I noticed that I also failed to mention that we have SIP trunks on the 3Mb circuit that connect to our IPPBX, does this present a problem for pfsense?
Configuring Sip trunks can be quit challenging. However it is possible and there are many examples on this forum on how to go about with PfSense and Asterisk. When you analyze the current use of ports for the voip PBX in your network you'll have a good idea what ports need to be opened up on Pfsense.
We are forcing our Asterisk based PBX (Switchvox) to use ports 5060 and 10000-15000 for RTP, the only other ports to be opened are the few ports to make the switchboard work.
Thank you very much for the insight, I'm looking for a suitable rack machine to run pfsense reliably for many years to come. Any suggestions? should I avoid AMD based hardware? (I've read grumblings on random internet postings in my google hunts)
Thank you again!
I'm mostly dealing with embedded hardware, for the bandwidths I work with that is more than sufficient.
Depending on the WAN bandwidth and structure of traffic you'll need some more muscle. If you look in the hardware section of forum you'll find some threads discussing Hardware specs vs performance.