On 13 Nov 2015, at 15:09, David White <dmwhite...@gmail.com> wrote: > I have a unique scenario: > The higher ups require a multi-wan high availability setup, but assuming > both ISPs are working, some traffic is required to use 1 ISP and some > traffic is required to use the other. > I've read in some pfSense docs on how I can setup a high availability, > multi-wan setup, but those docs say nothing about segmenting the traffic. > My idea is to setup 2 VLANS, and route 1 VLAN out of 1 gateway and 1 VLAN > out the other, but configure them so that if 1 ISP or the other ISP goes > down, both VLANS will go out whichever ISP is working. > Is this possible?
Yes, it’s far from unique - most of our pfSense deployments are like this. The joys of rural locations where one internet connection is neither fast or reliable enough. In a nutshell, you’ll define two gateway groups, something like this: WAN1Preferred - Tier 1: WAN1 Gateway - Tier 2: WAN2 Gateway WAN2Preferred - Tier 1: WAN2 Gateway - Tier 2: WAN1 Gateway Then on your VLAN rules pages, change the default (allow all outbound) rule to use the appropriate gateway group. In most of our deployments we segment traffic by type rather than VLAN though, usually to force latency-critical traffic (like SIP) away from ‘bulk’ traffic (like web browsing). > Founder & CEO Yet there are still ‘higher ups’? :-) Kind regards, Chris -- C.M. Bagnall This email is made from 100% recycled electrons _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold