Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Configure pfsense with 4 nic card where 3 nic card will use for ISP

    Routing and Multi WAN
    8
    15
    2516
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      ashwani_km last edited by

      Hello Folks,

      I have a system with 5 NIC card and I have 3 ISP With Physical cable connection now I wants to configure pfsense firewall with 3 ISP using 3 NIC card and 4th NIC will be used for LAN purpose and also i wants to enable failover based on all 3 ISP. So Please help me out that how do I configure pfsense firewall using 3 ISP.

      Regards,
      Ashwani Kumar

      1 Reply Last reply Reply Quote 0
      • A
        ashwani_km last edited by

        some one has any idea about this??

        1 Reply Last reply Reply Quote 0
        • KOM
          KOM last edited by

          I have never done what you are doing due to only one WAN, but this article may help you.

          1 Reply Last reply Reply Quote 0
          • P
            phil.davis last edited by

            That doc that KOM has pointed to is good. The principles are the same for 2, 3, 4,… WANs. Get the WANs working, make gateway groups fro failover and/or load balancing, use rules to feed traffic into the gateway groups, done.

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • A
              ashwani_km last edited by

              KOM and Phil Thanks for reply !!!!!

              I am trying to configure but can you guys please help me out with creating gateway group and writing rules for these group or other person who has good idea about this.

              –
              Regards,
              Ashwani Kumat

              1 Reply Last reply Reply Quote 0
              • KOM
                KOM last edited by

                I've never tried it as I have only ever had one WAN to play with.

                1 Reply Last reply Reply Quote 0
                • P
                  phil.davis last edited by

                  System->Routing, Groups tab. Add a group. Make all the WANs Tier1 to make a load-balanced group, or set an order of tiers if you want to have some traffic use a particular WAN and failover over to other/s.

                  Firewall->Rules, LAN.
                  Add rule/s above the pass all rule.
                  For traffic you want to load-balance (e.g. all traffic to HTTP/HTTPS ports), put a rule to pass source LANnet, destination any IP and ports HTTP, HTTPS. Select the load-balance gateway group in the advanced section.
                  For traffic you want to failover (e.g. to mail server/s) put a rule to pass source LANnet, destination any IP, ports (a list of mail server ports 25…). Select the failover gateway group.

                  You have to first define yourself where you want the traffic to go on the various WANs, then you can design an implementation of gateway groups and rules to achieve it.

                  As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                  If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                  1 Reply Last reply Reply Quote 0
                  • ginuzence
                    ginuzence last edited by

                    Take note of your gateway monitoring since most cable connections coming out of the modem are already translated unless you're in bridge mode. Failover rules might not work properly.

                    WHEN WE SENSE YOU NEED SOME HELP

                    1 Reply Last reply Reply Quote 0
                    • H
                      heper last edited by

                      also: don't loadbalance https.
                      plenty https sites get broken if they get a different source-ip every other time.

                      1 Reply Last reply Reply Quote 0
                      • panz
                        panz last edited by

                        My question is: adding the second, third, etc. WAN, how can I force pfSense to apply the same WAN firewall rules to the other WAN(s)?

                        pfSense 2.3.2-RELEASE-p1 (amd64)
                        motherboard: MSI C847MS-E33 Micro ATX (with Intel Celeron CPU 847 @ 1.10 GHz) ~ PSU: Corsair VS350 ~ RAM: Kingston KVR1333D3E9S 4096 MB 240-pin DIMM DDR3 SDRAM 1.5 volt ~ NIC: Intel EXPI9301CTBLK (LAN) ~ NIC: D-Link DFE-528TX (CAM) ~ Hard Disk: Western Digital WD10JFCX Red ~ Case: Cooler Master HAF XB ~ power consumption: 21 Watts.

                        1 Reply Last reply Reply Quote 0
                        • H
                          heper last edited by

                          you could create interface groups and apply firewall rules on the group instead of the individual interfaces.
                          (interfaces–>assign-->interface groups)

                          1 Reply Last reply Reply Quote 0
                          • panz
                            panz last edited by

                            Isn't simpler to just tell pfSense "this is another WAN interface; please, setup firewall rules accordingly"?

                            Or, just creating another WAN (aka, another interface with no rules in it, except for Bogon ones) is sufficient?

                            pfSense 2.3.2-RELEASE-p1 (amd64)
                            motherboard: MSI C847MS-E33 Micro ATX (with Intel Celeron CPU 847 @ 1.10 GHz) ~ PSU: Corsair VS350 ~ RAM: Kingston KVR1333D3E9S 4096 MB 240-pin DIMM DDR3 SDRAM 1.5 volt ~ NIC: Intel EXPI9301CTBLK (LAN) ~ NIC: D-Link DFE-528TX (CAM) ~ Hard Disk: Western Digital WD10JFCX Red ~ Case: Cooler Master HAF XB ~ power consumption: 21 Watts.

                            1 Reply Last reply Reply Quote 0
                            • H
                              heper last edited by

                              pfsense doesn't have WAN-interfaces …. it just has interfaces. In other words, there is (currently) no system in place to distinguish a use-case between interfaces. (any interface can be a wan or lan or tunnel or .....)
                              everything can be changed offcourse, but i don't know if anyone would want to.

                              1 Reply Last reply Reply Quote 0
                              • J
                                jswami234 last edited by jswami234

                                Are you still facing the issue? If so, then try visa card generator with money available online. You can try it I hope it might help you.

                                1 Reply Last reply Reply Quote 0
                                • J
                                  jackfern last edited by

                                  If you want to buy aws without your free credit card on amazon then i suggest you to try real credit card generator.

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post