pfSense Dual WAN Setup
Adding a second connection to an existing pfSense install for load balancing and failover.
(A work in progress. I’ve set it up and it’s working fine, but I haven’t finished writing it up yet.)
ASCII Network Diagram
(Concept taken from nixCraft and made with ASCII Flow)
Internet +------------+ +-------------+ | | +------------v-------+ +----------v-----------+ | Comcast Modem | | AT&T Modem | | | | | | | | | +-----+--------------+ +-------------+--------+ | | | | | | v v WAN WAN2 ETH0 ETH1 + + | +----------------------+ | | | | | +----------> | | <-------+ | pfSense Box | | | | | +---------+------------+ | | | v +---+LAN -----------+ | ETH2 | | | v v Internal Network Guest Network
I had installed pfSense on a HP Proliant DL360 G6 for a small school about a year back. This HP is WAY overpowered for what it is doing (2 CPUs x 6 cores each x 2 SMT threads), but was used, has redundant power supplies, and has been running nonstop for over 18 months now without a hiccup. The school had experienced some internet outages and this grinds much of the day-to-day activity to a halt. The front office can’t do attendance, no one can email, and since most applications are now web-based, students can’t use Google Drive, Mathletics, etc.
I was asked about adding a second internet connection and so I purchased another 2-port NIC while the school got AT&T out to install their hardware. The nice thing about doing this is that I was able to configure pfSense before AT&T connected the second connection. Once they did their part, you can plug the ethernet cable in and pfSense just starts using both connections automatically.
There are plenty of resources that helped me tackle this. The idea is simple enough, but pfSense doesn’t always make things obvious.
Installing A New NIC to HP DL360 G6
Adding another NIC is fairly easy and pfSense automatically recognizes it once it reboots after the install.
I dug through HP’s website to find the HP 412648-B21 NC360T PCI-Express DP GigaBit Adapter. It was all of $19 and was very easy to install. This video shows how to do most of it:
The inside of the case also has pretty clear diagrams that help with knowing what to do.
Setting up the Interfaces
Adding a Gateway Group
The simplest test once everything is configured and both connections are up is to unplug the cable from WAN1 and make sure the network is still connected. Then repeat this for WAN2. Assuming everything is correct, it shouldn’t cause much of a disruption and you know it works! This has been very helpful because since setting the dual-WAN up, Comcast has gone down twice and nobody even noticed!
0 Comments on “pfSense Dual WAN Setup”