Particular Fail Over
-
Hi guys,
i need to create a particular failover on my firewall..
the firewall has a lot o WAN interface under VLAN, but only 3 are public..the OPT3 (that is a new fiber connection) is almost used for routing all traffic (changed gateway on LAN rules to point the new gateway)
yesterday night, we gotta a problem on the principal connection (WAN interface) and we were unable to connect with OpenVPN to the firewall :(all the solution that i've seen is for outgoing connection inside the firewall, i need a method that switch the default gateway of pfSense to the OPT3, so we can connect with OpenVPN and other services from out
can anyone explain me if this is possible (change default GW)?
thanks a lot!
-
anyone? :(
-
The openVPN Server "should" listen on all interfaces.
What exactly do you mean with you couldnt connect with openVPN?
Do you mean you could establish the connection, but couldnt access anything?I suppose you use policy routing and failover/balancing pools.
@http://forum.pfsense.org/index.php/topic:If you are using MultiWAN and your local LAN should be able to connect to the clients connecting to your network:
you need to have a rule above your default rule (which has as gateway the loadbalancer)
with desination your VPN-subnet and as gateway the default gateway (displayed as *) NOT the loadbalancer. -
The openVPN Server "should" listen on all interfaces.
What exactly do you mean with you couldnt connect with openVPN?
Do you mean you could establish the connection, but couldnt access anything?I suppose you use policy routing and failover/balancing pools.
@http://forum.pfsense.org/index.php/topic:If you are using MultiWAN and your local LAN should be able to connect to the clients connecting to your network:
you need to have a rule above your default rule (which has as gateway the loadbalancer)
with desination your VPN-subnet and as gateway the default gateway (displayed as *) NOT the loadbalancer.the Ovpn listen on all interface, but when the default gateway goes down we cannot connect to the server :(
i need to setup a static rule for my home IP to route the traffic