Help with creating a Dual Wan Failover

  • Hi,

    I'm new to pfsense and I can't set up a failover over two wan.

    I use pfsense 2.0 rc1

    I've seen a lot of howtos but all refers to 1.x version of pfsense and things have changed since …..

    I've found a thread in a forum that talks about how to build it over a 2.0 beta but for me it doesn't work.

    Here is What I've done so far :

    • Setting interfaces + ips + gateways to each interface + ip to monitor on each interface (one is a dedicated link and the other is a dsl connection).

    • WAN is my dedicated link

    • OPT1 is my DSL link

    • I've set a gateway group of type failover named WANS with WAN as tier 1 and OPT1 as tier2 with change on a packet loss basis

    then each tutorial tells that we must do a rule to let out the packets from LAN to internet .... and it's here I'm quite lost.....
    I've tried a rule in LAN saying that it can transfer it's data to the WANS gateway with protocol any ...... but it seems that it does not work because when I simulate a WAN failure, the gateway status tells me that WAN is red (down) and the OPT1 green (ok)

    However my pfsense is only able to do dns resolve at best ...... when I try to ping : nothing, when I try to go on a website : nothing

    nothing happens until I reconnect the WAN interface.

    What is I am missing ? does the firewall rule is correct ?

  • Hi,

    please show us your gateway groups (screenshot), your firewall rules on the LAN interfaces.

    Are you sure, that the firewall rule with "WANS" as Gateway gets hit ? Firewall rules are acting from top to down.

    Further, if bothe gateways are Tier 1 and one gateway goes down, then there is automatically a failover. If bothe are up, it is loadbalancing.

    If you are using squid on this box, then loadbalancing doesn't work "out of the box". You need to do some tricks.

