PFsense ESXi Multi-WAN best practice
-
I know there's usually 100 different ways to go about solving problems but I'd like to get a little advice on the best configuration for my scenario. I have pFsense 2.2.4 currently running on an ESXi server with a 10G "LAN" up-link to our core HP switch stack and a 1G "WAN" up-link to a DMZ switch with two ISP connections. My question is it better to just setup one WAN vNIC interface with no IP configuration and setup the two different ISP connections under Gateways OR add a separate vNIC for each ISP both connected to the "WAN" vSwitch? Its currently kind of bastardized as the original WAN vNIC has a static IP and gateway for the first ISP and a second ISP must have been brought in later so a second gateway was added but utilizing that "WAN" vNIC. Any thoughts and pointers would be appreciated. Thanks!
-
what?? So this wan network that your pfsense sees via this connection to the dmz switch?? Is this a private network..
So your esxi host has this 1 gig physical connection, and your 2 different isp are via vlans? And your trunking to esxi?
As to not setting up an IP, but just gateways?? How the F would that work??
-
what?? So this wan network that your pfsense sees via this connection to the dmz switch?? Is this a private network..
Yes and no, it is a separate physical 16-port switch that connects our main pFsense router and also a sub-vendor of ours to have its own public IPs to their routers as well. So its a switch for WAN distribution to multiple routers more or less.
So your esxi host has this 1 gig physical connection, and your 2 different isp are via vlans? And your trunking to esxi?
Its connected via a physical 1 Gig connection from the eski host to the WAN switch I should call it, not really a DMZ in the normal sense. No vlans on this switch.
As to not setting up an IP, but just gateways?? How the F would that work??
I would assume not assigning an IP on the interface page and then adding the two ISP gateways under System/Routing/Gateways and assigning the single WAN interface to both? I'm not a networking or pFsense Guru by any means, just looking on how to properly configure/reconfigure this from the old IT person.