How to do it...

  1. First, add a second WAN interface to the firewall:
    1. Navigate to Interfaces | (assign) | Interface Assignments.
    2. On the Interface Assignments tab, the Available network ports drop-down menu lists the unassigned network interfaces.
    3. Click on the Add button.
    4. The new interface will initially be assigned a generic name (for example, OPT1, OPT2). Click on the interface's name in the table (or navigate to the configuration page via the interfaces menu).
    5. On the interface configuration page, check the Enable interface checkbox.
    6. Enter a brief description in the Description text field (for example, OPT_WAN).
    7. In the IPv4 Configuration Type dropdown, select DHCP. pfSense will automatically configure this interface as a gateway.
    8. Enter a brief, non-parsed description in the Description text field.
    9. Check the Block private addresses and loopback addresses checkbox.
    10. Check the Block bogon networks checkbox.
    11. When you are done making changes, click on the Save button.
    12. Click on the Apply Changes button.
  1. Now we must configure DNS servers for each of the newly added WAN-type interfaces:
    1. Navigate to System | General Setup.
    2. In the DNS Server Settings section, enter a DNS server for the new gateway. Enter the DNS server IP address in the text field on the left side, and select the gateway in the adjacent drop-down menu:

    1. Make sure there is at least one unique DNS server per gateway.
    2. When you are done, click on the Save button.
  1. Now, we can begin gateway configuration:
    1. Navigate to System | Routing | Gateways.
    2. Click on the edit icon (the pencil) for the default gateway.
    3. Scroll down to the Monitor IP text field and enter the IP address of the gateway’s DNS server:

    1. Click on the Save button.
    2. Click on the edit icon (the pencil) for the newly created gateway.
    3. Scroll down to the Monitor IP edit box and enter the IP address of the gateway’s DNS server.
    4. Click on the Save button.
    5. Click on the Gateway Groups tab.
    1. Click on the Add button.
    2. Enter the gateway group name in the Group Name text field:

    1. Under Gateway Priority, select Tier 1 for all gateways in the gateway group.
    2. Leave Trigger Level set to Member Down.
    3. Enter a brief description in the Description text field.
    4. When you are done, click on the Save button.
    5. Click on the Apply Changes button:

  1. Finally, we must create a firewall rule to ensure outbound traffic utilizes the new gateway group:
    1. Navigate to Firewall | Rules | Floating.
    2. From the Floating tab, click on the first Add button.
    3. Leave the Action set to Pass:

    1. In the Interface drop-down menu, select every non-WAN interface you want to utilize the gateway group (at a minimum, you probably want to select LAN, but there may be others).
    2. In the Direction drop-down box, select in.
    3. In the Protocol drop-down box, select Any.
    4. Leave the Source and Destination set to Any.
    5. Enter a brief, non-parsed description in the Description edit box (for example, Multi-WAN rule).
    6. In the Extra Options section, click on the Show Advanced button.
    1. In the Advanced Options section, scroll down to the Gateway drop-down box and select the newly created gateway group:

    1. When you are done making changes, click on the Save button.
Make sure the new rule is at the top of the list of floating rules.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.22.249.90