Objectives
This is to establish a redundant WAN connection from different Internet Service Providers (ISPs) and implement a Multi-WAN failover.
Prerequisites
- ISP01 (IP: 192.168.13.15)
- ISP02 (IP: 206.40.196.246)
- PfSense box – https://192.168.13.14/ (PfSense01.localdomain)
Steps
Task 1: Preparing Networks
Step 1: On your PFSense box, go to Intefaces > Assignments.
Step 2: Add a new Network port.
Step 3: Rename the interface to WAN2.
Step 4: Assign the interface a Static IP. Use the second ISP IP address as the Gateway.
Step 5: Save your settings and Apply Changes.
Step 6: Ensure the WAN interface is configured as below:
Step 7: Ensure that the WAN2 interface firewall consists of an Allow All rule.
Task 2: Enable Default Gateway Switching
Step 1: Go to System > Advanced > Miscellaneous
Step 2: Under Load Balancing section, enable the Default gateway switching option.
Task 3: Configure Gateway Group
Step 1: Go to System > Routing > Gateway Groups.
Step 2: Add a new Group.
Step 3: Enter a Group Name
Step 4: 2 Gateways should be listed under Gateway Priority, change the tier for each to Tier 1.
Step 5: Change the Trigger Level to Packet Lost or High Latency
Step 6: Description > GW_Failover
Step 7: Save your settings and Apply Changes.
Task 4: Test the Configuration
Step 1: Go to your PFSense console and select option ‘8’.
Step 2: Enter the command ‘netstat -r’. This will list the current gateway being used by the firewall.
Step 3: Force a shutdown on one of the ISP router and enter the same command.
Step 4: At that moment, you will notice the default gateway is changed to other IP of the second ISP router.