Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    [SOLVED] Gateway group as default?

    Routing and Multi WAN
    3
    6
    3071
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Pontiac_CZ last edited by

      I have just setup multi WAN on my pfSense box for failover purposes (two WANs, different tiers). The last step to do is to change the gateway setting of my firewall's LAN rules (I have several of them).
      It would be comfortable to keep it as default and setup my new gateway group as default instead. But that apparently is not possible, only single gateways have the checkbox "Default gateway".

      Does it really mean I have to manually change all my LAN rules so they can use this new failover gw group? Haven't you guys found some workaround?

      1 Reply Last reply Reply Quote 0
      • P
        Pontiac_CZ last edited by

        OK, so I can answer myself:  :)
        There is a workaround (if it as a workaround at all). There is an option "Allow default gateway switching" in System: Advanced: Miscellaneous which works just the way I want. If the primary gateway is down system chooses next available one which is the secondary gw as I have only two. After the primary gw gets back online pfSense switches back to it. I have just tried it a few times and works like a charm.  :)

        But the gateway groups are still a good tool if you have more than two gateways and in case of failure you want pfSense to switch to the other ones in certain order (that's what tiers are for). Or if you need load balancing (you then adjust the weight option in gw settings).

        1 Reply Last reply Reply Quote 0
        • R
          ristosu last edited by

          May I ask what version you were using? I tried this on 2.0.1, and it didn't do anything, i.e. the default route just disappeared when I pulled the plug.

          Risto

          1 Reply Last reply Reply Quote 0
          • P
            phil.davis last edited by

            There have been bugs with default gateway switching scenarios and 2.0.1 is now a very old version.
            In a scenario with just 2 WANs to choose from, default gateway switching is easy and I know it works in 2.2-RELEASE.

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • R
              ristosu last edited by

              Thank you, Phil.

              I'll think about upgrading. Now it seems to work for the clients, with the more complicated system using a gateway group. The only question is, whether it really matters that the box itself doesn't have a gateway, if the primary connection breaks.

              Risto

              1 Reply Last reply Reply Quote 0
              • P
                phil.davis last edited by

                Yes, I normally use gateway groups for the clients, because also that way you can load-balance the traffic, and/or send some particular traffic out WANA and other traffic out WANB.
                Default gateway switching is only good for dumping everything from primary-WAN to other-WAN. And as you say, if primary-WAN is down then often you do not care so much that the pfSense version check, package download etc do not work for that time.

                As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post