Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Dual WAN Failover and Load Balancing not working

    Routing and Multi WAN
    6
    18
    16983
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      berns041671 last edited by

      Hi All
      I set up pfsense, but my failover is not working and im not sure if my load balancing is working too. I have read some comments in the forum regarding failover, they are saying that wan failover only works if you have 2 same ISP's, Is this true? I also followed how to configure the load balancing pool, adding aliases and putting firewall rules. Can Anybody please help me on how this pfsense work.

      Thanks

      –Bernie

      Here is my set-up:

      LAN: 192.168.30.30

      WAN: 203.131.139.60
      WAN Gateway : 203.131.139.57

      OPT1 : 203.215.80.21
      OPT1 Gateway: 203.215.80.1

      pfsense version: 1.0.1-SNAPSHOT-03-15-2007

      Load Balancer: Pool

      Name                      Type      Servers/Gateways      Port    Monitor  Description

      WanBalanceOpt1    gateway(balance)        wan                            203.131.139.57  Load Balance Wan & Opt1
                                                                opt1                          203.215.80.1

      WanFailoverOpt1    gateway(failover)        wan                            203.131.139.57  Failover Wan to Opt1
                                                                opt1                          203.215.80.1

      Opt1FaioverWan    gateway(failover)        opt1                          203.215.80.1      Failover Opt1 to Wan
                                                                wan                            203.131.139.57

      1 Reply Last reply Reply Quote 0
      • S
        sullrich last edited by

        Please see http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing

        1 Reply Last reply Reply Quote 0
        • B
          berns041671 last edited by

          @sullrich:

          Please see http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing

          Thanks, sullrich, i already followed this documentation for my setup, but when i try to test if the failover will work by turning off the power of dsl modem (WAN - my primary connection) it should failover to OPT1 - my secondary connection but it does not. Any ideas how can i fixed this problem.

          Lots of thanks again.

          –Bernie

          1 Reply Last reply Reply Quote 0
          • S
            sullrich last edited by

            Check your monitor IP.  It must be exclusive to the ISP of the opt interface or wan interface.

            1 Reply Last reply Reply Quote 0
            • B
              berns041671 last edited by

              @sullrich:

              Check your monitor IP.  It must be exclusive to the ISP of the opt interface or wan interface.

              My monitor IP's are the gateways of my wan and opt1 connection, 203.131.139.57 & 203.215.80.1 respectively and they are both pingable on my pfsense firewall

              Thanks

              –Bernie

              1 Reply Last reply Reply Quote 0
              • H
                hoba last edited by

                Does status>loadbalancer report all lines as up?

                1 Reply Last reply Reply Quote 0
                • B
                  berns041671 last edited by

                  @hoba:

                  Does status>loadbalancer report all lines as up?

                  Yes the status load balancer reports lines are all up, i guess load balancing is OK, but my failover is not yet working, when i try to power off my wan modem it should failover to my opt1 connection, but it didn't.

                  1 Reply Last reply Reply Quote 0
                  • H
                    h8r last edited by

                    I have the same problem - Load Balancing is working, but failover - not. The monitor IPs - they should be pingable only from the ISP interface, right. I mean if I choose worldwide pingable IPs - this can be a reason why my failover is not working (they will be pingable even if one host is down). So - no public IPs, right?

                    1 Reply Last reply Reply Quote 0
                    • H
                      hoba last edited by

                      @h8r:

                      I have the same problem - Load Balancing is working, but failover - not. The monitor IPs - they should be pingable only from the ISP interface, right. I mean if I choose worldwide pingable IPs - this can be a reason why my failover is not working (they will be pingable even if one host is down). So - no public IPs, right?

                      We generate static routes behind the scenes for monitor IPs to ensure it goes out the right gateway so it will detect the link failure even if the monitor IP would be pingable from another WAN.

                      1 Reply Last reply Reply Quote 0
                      • S
                        sai last edited by

                        snapshot 27-feb-2007 , I found that changing the rules (moving them up or down, adding a rule) would get my load balancer to work in the morning after being switched off all night. It would take about 10 minutes to start  working fine….

                        1 Reply Last reply Reply Quote 0
                        • H
                          hoba last edited by

                          This might be an issue with already established states. if you reset states after rearranging rules they will make use of the balancing immediately.

                          1 Reply Last reply Reply Quote 0
                          • S
                            sai last edited by

                            @hoba:

                            This might be an issue with already established states. if you reset states after rearranging rules they will make use of the balancing immediately.

                            1.0.1-SNAPSHOT-03-27-2007 built on Fri Apr 6 06:32:14 EDT 2007
                            Can't be states because the machine was off for the night. When I turn it on http browsing works (though a bit slow) but ssl based email (smtp and pop, ports 465, 995) just does not work until I have messed around with the rules a bit by moving them up and down. ssl based traffic is on failover-load balancing.

                            1 Reply Last reply Reply Quote 0
                            • H
                              hoba last edited by

                              Haven't seen that on any of my installs and also have not heard about it yet. However I recommend upgrading to the latest snasphot. I think your snapshot was released during the timebased rules have been implemented and during developement of this feature some things were temporarily broken. Try to reproduce this with the latest snapshot please.

                              1 Reply Last reply Reply Quote 0
                              • B
                                berns041671 last edited by

                                @hoba:

                                Haven't seen that on any of my installs and also have not heard about it yet. However I recommend upgrading to the latest snasphot. I think your snapshot was released during the timebased rules have been implemented and during developement of this feature some things were temporarily broken. Try to reproduce this with the latest snapshot please.

                                Thanks, my load balancing and failover is working fine now, my fault is that my firewall rules got mixed-up and wrong order sequence, my monitor IP are also wrongly assigned. Thanks again more power to PFSENSE

                                1 Reply Last reply Reply Quote 0
                                • B
                                  bijualapatt last edited by

                                  Hi

                                  Could you tell me, what changes you have made.  I 'm also in the same problem

                                  Biju

                                  1 Reply Last reply Reply Quote 0
                                  • S
                                    sai last edited by

                                    @bijualapatt:

                                    Hi

                                    Could you tell me, what changes you have made.  I 'm also in the same problem

                                    Biju

                                    My problem was solved by upgrading to the latest snapshot.

                                    1 Reply Last reply Reply Quote 0
                                    • B
                                      berns041671 last edited by

                                      @bijualapatt:

                                      Hi

                                      Could you tell me, what changes you have made.  I 'm also in the same problem

                                      Biju

                                      Yeah sure, just double-check your order sequence in LAN firewall rules, double check also your Monitor IP assigned (IP gateway provided by your ISP) and try using the latest snapshots version.

                                      Thanks

                                      1 Reply Last reply Reply Quote 0
                                      • B
                                        berns041671 last edited by

                                        @bijualapatt:

                                        Hi

                                        Could you tell me, what changes you have made.  I 'm also in the same problem

                                        Biju

                                        try using this docs, there's a lot of screenshots that will help you here

                                        http://doc.pfsense.org/index.php/MultiWanVersion1.2

                                        1 Reply Last reply Reply Quote 0
                                        • First post
                                          Last post

                                        Products

                                        • Platform Overview
                                        • TNSR
                                        • pfSense
                                        • Appliances

                                        Services

                                        • Training
                                        • Professional Services

                                        Support

                                        • Subscription Plans
                                        • Contact Support
                                        • Product Lifecycle
                                        • Documentation

                                        News

                                        • Media Coverage
                                        • Press
                                        • Events

                                        Resources

                                        • Blog
                                        • FAQ
                                        • Find a Partner
                                        • Resource Library
                                        • Security Information

                                        Company

                                        • About Us
                                        • Careers
                                        • Partners
                                        • Contact Us
                                        • Legal
                                        Our Mission

                                        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                        Subscribe to our Newsletter

                                        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                        © 2021 Rubicon Communications, LLC | Privacy Policy