1. Home
  2. How To
  3. Security
  4. Netgate
  5. Multi-WAN Failover Setup

Multi-WAN Failover Setup


This is to establish a redundant WAN connection from different Internet Service Providers (ISPs) and implement a Multi-WAN failover.


  1. ISP01 (IP:
  2. ISP02 (IP:
  3. PfSense box – (PfSense01.localdomain)


Task 1: Preparing Networks

Step 1: On your PFSense box, go to Intefaces > Assignments.

Step 2: Add a new Network port.

Step 3: Rename the interface to WAN2.

Step 4: Assign the interface a Static IP. Use the second ISP IP address as the Gateway.

Step 5: Save your settings and Apply Changes.

Step 6: Ensure the WAN interface is configured as below:

Step 7: Ensure that the WAN2 interface firewall consists of an Allow All rule.

Task 2: Enable Default Gateway Switching

Step 1: Go to System > Advanced > Miscellaneous

Step 2: Under Load Balancing section, enable the Default gateway switching option.

Task 3: Configure Gateway Group

Step 1: Go to System > Routing > Gateway Groups.

Step 2: Add a new Group.

Step 3: Enter a Group Name

Step 4: 2 Gateways should be listed under Gateway Priority, change the tier for each to Tier 1.

Step 5: Change the Trigger Level to Packet Lost or High Latency

Step 6: Description > GW_Failover

Step 7: Save your settings and Apply Changes.

Task 4: Test the Configuration

Step 1: Go to your PFSense console and select option ‘8’.

Step 2: Enter the command ‘netstat -r’. This will list the current gateway being used by the firewall.

Step 3: Force a shutdown on one of the ISP router and enter the same command.

Step 4: At that moment, you will notice the default gateway is changed to other IP of the second ISP router.

Updated on June 5, 2020

Was this article helpful?

Related Articles

Need Help?
Submit a ticket to us and let our professional team assists you

Support Billing Sales