pfSense Dual WAN Setup

Adding a second connection to an existing pfSense install for load balancing and failover.

(A work in progress.  I’ve set it up and it’s working fine, but I haven’t finished writing it up yet.)

ASCII Network Diagram

(Concept taken from nixCraft and made with ASCII Flow)

                           Internet
             +------------+        +-------------+
             |                                   |
+------------v-------+                +----------v-----------+
| Comcast Modem      |                | AT&T Modem           |
|                    |                |                      |
|                    |                |                      |
+-----+--------------+                +-------------+--------+
      |                                             |
      |                                             |
      |                                             |
      v                                             v
    WAN                                           WAN2
    ETH0                                          ETH1
      +                                             +
      |            +----------------------+         |
      |            |                      |         |
      +----------> |                      | <-------+
                   |     pfSense Box      |
                   |                      |
                   |                      |
                   +---------+------------+
                             |
                             |
                             |
                             v
                     +---+LAN -----------+
                     |    ETH2           |
                     |                   |
                     v                   v
           Internal Network         Guest Network

Background

I had installed pfSense on a HP Proliant DL360 G6 for a small school about a year back.  This HP is WAY overpowered for what it is doing (2 CPUs x 6 cores each x 2 SMT threads), but was used, has redundant power supplies, and has been running nonstop for over 18 months now without a hiccup.  The school had experienced some internet outages and this grinds much of the day-to-day activity to a halt.  The front office can’t do attendance, no one can email, and since most applications are now web-based, students can’t use Google Drive, Mathletics, etc.

I was asked about adding a second internet connection and so I purchased another 2-port NIC while the school got AT&T out to install their hardware.  The nice thing about doing this is that I was able to configure pfSense before AT&T connected the second connection.  Once they did their part, you can plug the ethernet cable in and pfSense just starts using both connections automatically.

Sources

There are plenty of resources that helped me tackle this.  The idea is simple enough, but pfSense doesn’t always make things obvious.

https://turbofuture.com/computers/Dual-Wan-Router-How-To-Build-One-On-a-Budget

http://www.tecmint.com/how-to-setup-failover-and-load-balancing-in-pfsense/

https://doc.pfsense.org/index.php/Multi-WAN

Installing A New NIC to HP DL360 G6

Adding another NIC is fairly easy and pfSense automatically recognizes it once it reboots after the install.

I dug through HP’s website to find the HP 412648-B21 NC360T PCI-Express DP GigaBit Adapter.  It was all of $19 and was very easy to install.  This video shows how to do most of it:

The inside of the case also has pretty clear diagrams that help with knowing what to do.

Setting up the Interfaces

pfSense single WAN configuration
pfSense single WAN configuration

Adding a Gateway Group

Firewall Rules

Failover

Testing

The simplest test once everything is configured and both connections are up is to unplug the cable from WAN1 and make sure the network is still connected.  Then repeat this for WAN2.  Assuming everything is correct, it shouldn’t cause much of a disruption and you know it works!  This has been very helpful because since setting the dual-WAN up, Comcast has gone down twice and nobody even noticed!

0 Comments on “pfSense Dual WAN Setup

Leave a Reply