MutiWAN, Double NAT



  • I have the following scenario: 1 public IP on a pfSense WAN. From this first box, 2 radio links to a remote site, each on their own interface (LAN and OPT1) and private subnet (192.168.1.0/24 and 192.168.2.0/24). On the remote side, a pfSense box configured with MultiWAN to handle link aggregation, and more importantly link failover for the incoming radio links. A third private subnet (192.168.3.0/24) is used for devices connected to the remote network. See attachment for a diagram.

    This setup "works", in that connected clients on the remote side can use the internet/etc. When one radio link or the other goes down, connectivity is still available. Incoming connections from the internet, however, I cant really wrap my head around. This setup involves double NAT, so simple port forwarding doesn't work. The radios themselves are layer 2 devices, so no additional complexity there.

    LACP seems out, because the radio links are half-duplex.

    I might be able to figure out something with Quagga/OSPF, but I cant find good documentation. I also think I'd lose the link-aggregation niceness of MultiWAN if I was just dynamically updating routes based on radio link availability.

    Am I going about this the wrong way?


Log in to reply