Two WANs, verifying config



  • What I've had for years:
    redundant pfSense boxes with WAN ports connected to a switch that connected them to ISP switch providing fiber Internet and /28 block of public IPs

    All those public IPs are set up as CARP virtual IPs. I've been providing Internet from this to 3 different VLANs. Using manual outbound NAT rules, the primary LAN has outbound traffic go out 1 IP and the two other LANs (different guest wifi networks) have been routed out another.

    What I'm trying to add/change:
    Obtained a 2nd Internet connection to handle the guest wifi traffic.  Added another interface to the boxes and called it PUBLIC_COAX. Each of those interfaces has a 192.168.15.x address. Created virtual IP that is the 1 static IP provided by ISP and assigned it to the PUBLIC_COAX interface. Added the gateway ISP informed me of to the PUBLIC_COAX interface on the gateways tab.

    Under firewall->rules->guest wifi lan tab
    Changed bottom any to any rule, editing gateway->advanced, setting it to PUBLIC_COAXGW created above
    Under firewall->NAT->outbound
    Changed rule with source of guest wifi subnet, changed interface from WAN to PUBLIC_COAX and changed translation to be PUBLIC_COAX virtual IP

    First, any comments or suggestions about doing this differently?
    Second, every time I save this config and check my public IP and browsing ability with my phone on the guest network, it works at first, then later in the day I find out nobody on this guest wifi is getting any Internet. Where in pfSense would you recommend for beginning to troubleshoot this?

