Multi-WAN with one Public IP on external server ?



  • Hello,

    we currently have the following situation in our office:

    • 2x WAN (DSL with 3 MBit)
    • pfsense 2.0 appliance with 3 ethernet-ports

    Unfortunatly, there is no possibility to get something faster to communicate with the internet. I configured both 3 MBit WAN's with Load-Balancing which worked really fine, but unfortunately there are some services where we cannot use it (e.g. online banking and ICQ-Connection, because the IP can change on every connection). We have the possibility to use a public server with a static IP - is it possible to build something like a "tunnel" or similar so that our two WAN connections communicate only with the external server which connects to the other services with it's public IP (which won't change) ?

    Michael



  • You can use MLPPP if you can get your provider to provide it on their end…

    You would need to use pppoe for your connection but it would be one IP address on your WAN.



  • MLPPP would be one solution - unfortunately I don't know if this would be possible in our case at this time (Provider: German Telekom). So the question remains if it is possible to handle 2 or more WAN-connections between pfsense and an external (linux or pfsense) server manually ?



  • @michaeljk:

    Unfortunatly, there is no possibility to get something faster to communicate with the internet. I configured both 3 MBit WAN's with Load-Balancing which worked really fine, but unfortunately there are some services where we cannot use it (e.g. online banking and ICQ-Connection, because the IP can change on every connection).

    I think the answer to this is to route all outbound https traffic and/or ICQ traffic through one of your gateways. In the Firewall Rules for LAN there are advanced options below; I think one is called gateways; and you can select a particular gateway to match the rule. Then any traffic matching https would go through the same gateway everytime, even if its busy; but its a lot better than getting signed out of banking sites.


Log in to reply