One server two 1:1 Nats? One for failover…



  • I am not able to test this due to it being in production, which is why I am asking.

    Is it possible to have two 1:1 NATs set for the same internal server but only use one, unless the ISP fails, of course, and then use the other?

    Example: I have an IP PBX on one ISP with 1:1 NAT. My SIP provider does not register; they just forward to an IP, but I can give them a failover IP that is on another ISP…

    I have pfSense doing failover and have plenty of IPs from both ISPs...

    I want it so that if ISP1 went down, the phone box will be online using ISP2 with the alt 1:1 NAT public IP...

    Is this doable? I have the gateway in the rules set up correctly for failover, but as it stands now it will end up with whatever public IP is on the 2nd ISP if the other ISP fails and not the specific one I need.

    Thanks!



  • No.
    1:1 NAT also defines how outgoing traffic should be NATed.

    But… why do you use 1:1 NAT?
    Can't you just forward the ports with normal NAT?

    (With normal NAT it would work.)
    As for the re-registering of the VoIP box:
    search the forum.
    There are quite a few threads about this problem around.



  • Use CARP.



  • But if I do just port forward, yes, the box will get anything sent to that IP, but when it goes to send out it's going to send out from the gateway's pub IP and not the correct one…

    I want it to 1:1 outgoing and incoming but only one needs to work at a time, so if one ISP went dead then the other would be used...

    Right now I have two ISPs and have one with the 1:1 NAT, but if I drop that one the box switches to the other ISP and uses the gateway's pub IP... In a nutshell, I want it like this, but instead of using the gateway's default pub IP on that ISP I want it to use another IP from that same ISP...



  • You want CARP, port forward and advanced outbound NAT in combination with failover pools  ;)



  • I can't have any more boxes though. :( I'm already pushing the limit on number of boxes so no way to do the CARP…



  • You don't need additional boxes.

    Hint: What is a CARP cluster consisting of 2 machines with 1 dead machine? Yep, still working  ;D

