Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Putting pfSense at work.

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 3 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      ariel
      last edited by

      Hello all.

      I work for an University, right now we have 3 Internet lines and want to loadbalance all this conection, i already did this kind of configuration at home, but here is a bit different. my boss want a redundant solution and is asking me about how pfsense will work in a setup like this.

      pfsense + load balance - failover + CARP

      I really want to put this in produccion, with this setup we gonna remove a few equipments
      Cisco 3700, 2x MS ISA Servers 2004

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        You will need 3 static IPs (have to be within the same subnet) for each wan and lan. One for the master machine, one for the backup machine and one that can be shared between them. Besides that it's similiar to a standalone loadbalancing setup besides that you add some VIPs and some manual outbound nat rules to make the system use the VIP instead of the real interface IP.

        http://www.pfsense.org/mirror.php?section=tutorials/carp/carp-cluster-new.htm should walk you through the basic settings of CARP (some screens and options have slightly changed but the basics are still covered).

        http://doc.pfsense.org/index.php/MultiWanVersion1.2

        1 Reply Last reply Reply Quote 0
        • A
          ariel
          last edited by

          Thanks hoba for the reply.

          i have the enough ip address on each wan.

          how many lans can be configured ? using vlan tags ?  we wanna put almost 6 lans behind the pfsenseS.
          we have 2 PE2950 for each pfsense.

          i`m drawing a diagram to post it here..

          1 Reply Last reply Reply Quote 0
          • J
            Juve
            last edited by

            I have an installation with 10 Nics, plus vlans, running on IBM X3550.
            The only problem with many networks is the interface layout :-D, it overflow on the right. ;D ;D

            1 Reply Last reply Reply Quote 0
            • H
              hoba
              last edited by

              I have 9 interfaces at work including the 3 wans and a dedicated sync interface. Only sync and lan are dedicated interfaces. everything else runs on vlans on a 3rd physical interface.

              1 Reply Last reply Reply Quote 0
              • A
                ariel
                last edited by

                sound nice… here a little diagram showing how we gonna deploy the pfsense carp cluster.. very simple but we are an university who makes all his student related things via internet my boss wanna be 100% secure about putting an OpenSource solution in front of his webservers  :P

                anyways we are planing to get pfsense on one box and load balancing only the user who uses internet and later make the CARP and the DMZ for the webservers..

                lbadm.jpg
                lbadm.jpg_thumb

                1 Reply Last reply Reply Quote 0
                • H
                  hoba
                  last edited by

                  looks good to me  :)

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.