Multi-WAN Version 1.2.x - PFSenseDocs                                                  Page 1 of 11






Multi-WAN Version 1.2.x
From PFSenseDocs


This community-contributed guide leaves out some important information and considerations. The
best source of multi-WAN information is the pfSense book (http://pfsense.org/book).

Introduction
This setup enables pfSense to load balance traffic from your LAN to multiple internet connections
(WANs).

Traffic from the LAN is shared out on a round robin basis across the available WANs.

pfSense monitors each WAN connection, using an IP address you provide. If the monitor fails, a
failover configuration is used; this typically just feeds all traffic down the other connection(s).

This example sets up 2 WANs, but 3 or more can be used by simply extending what this page
describes.

Note that currently most pfSense add-on packages do NOT support multi WAN and all their traffic
will use the WAN connection.



 Contents
     ■ 1 Introduction
     ■ 2 Overview
     ■ 3 Before you start
           ■ 3.1 Target network setup
     ■ 4 Finishing pfSense console setup
     ■ 5 Setting up your modems / routers
           ■ 5.1 Router mode setup
           ■ 5.2 Bridge mode setup
     ■ 6 Using the pfSense Wizard
     ■ 7 Initial setup for Load balancing
           ■ 7.1 Finishing the interfaces setup
                  ■ 7.1.1 Setting up the OPT 1 interface




http://doc.pfsense.org/index.php/MultiWanVersion1.2                                       06-Jul-11
                ■ 7.1.2 Checking interfaces
         ■ 7.2 Setting up Load Balancing pools
                ■ 7.2.1 Overview
                ■ 7.2.2 Selecting a Monitor IP address
                ■ 7.2.3 Setting up the pools
         ■ 7.3 Setting up DNS for Load Balancing
         ■ 7.4 Sticky Connections
         ■ 7.5 Basic Firewall Rules
                ■ 7.5.1 First 3 rules
                ■ 7.5.2 Setting up for protocols that don't like load balancing
    ■ 8 Further Rules for handling outgoing traffic
         ■ 8.1 Setting up rules to access specific ISPs




Overview
This guide helps you set up pfSense to support a local network (the LAN) and 2 connections to the
internet (WAN and WAN2). Most traffic is shared out between the 2 WAN connections, but specific
rules are also set up so that some types of traffic where load balancing can cause problems (for
example https) only use 1 connection.

[Figure: Networks and computers in a multi WAN installation]

pfSense runs in a small system that uses 3 network interface cards (NICs), 1 for each of the WANs
and 1 for the LAN.

pfSense can also be run in a virtual machine for testing and
lightweight use, although this is not as secure or robust as a physical machine implementation.

The guide also shows how to set up access from the internet to servers on the internal network, and
has guides to the setup for some specific applications.

Note that if you install servers connected to DMZ1 or DMZ2, these are not protected by pfSense,
and will have to be internet hardened.

Before you start
You must have completed the basic pfSense installation.

Target network setup

This guide assumes the following network setup; you can easily do something different, but you will
need to translate network addresses appropriately if you do.

   1. Your ISPs have assigned a single IP address for each internet connection (which could be
      dynamic) and you are using your modem / routers in router mode (some guidance on other
      variants of this is included in the details below).
   2. DMZ 1 is going to use the subnet 192.168.0.0/24
      This means that DMZ 1 uses IP addresses between 192.168.0.0 and 192.168.0.254.
   3. DMZ 2 is going to use the subnet 192.168.1.0/24
      This means that DMZ 2 uses IP addresses between 192.168.1.0 and 192.168.1.254.
   4. The LAN uses subnet 192.168.10.0/24
      This means that the internal network uses IP addresses between 192.168.10.0 and
      192.168.10.254.

You should pick up the 3 interface cards. Note that if you have DHCP turned off on your WAN1
modem router, there will be a long pause here while pfSense tries to pick up an IP address.

Finishing pfSense console setup
The console will eventually give the prompt "pfSense console setup". Select option 2 and set up the
LAN interface as follows:

LAN IP Address
      192.168.10.254
subnet bit count
      24 (for a class C space) - this will allow up to 250 computers to be used
DHCP
      y
DHCP start address
      192.168.10.10
DHCP end address
      192.168.10.200

You should now be able to plug a PC into the network. It will be allocated an IP address and you
will be able to access the pfSense web interface (although not much else yet).

Setting up your modems / routers
Router mode setup

If you have CABLE/DSL modems that are bridge routers you may
want to use them in router mode. The client ID (PPPoE) is installed
on the modem/router and the modem/router maps the Public IP it
receives to a Private IP on the modem/router LAN interface. How
to do this is specific to each modem/router.

[Figure: Modem / router setup for load balancing in router mode]

Setting               WAN (WAN1) modem / router       OPT1 (WAN2) modem / router
LAN IP address        192.168.0.254                   192.168.1.254
Subnet mask           255.255.255.0                   255.255.255.0
DHCP                  on                              on
DHCP address range    192.168.0.10 - 192.168.0.100    192.168.1.10 - 192.168.1.100

Once you have set up the modem/routers you can test them by plugging a PC into their network, and
accessing your favourite web site.








Or you can wait until the basic pfSense configuration is in place, and test through pfSense.

Note if you are *cheating* by running multiple subnets on one physical network, you must have
DHCP turned off on all but 1 subnet.

Bridge mode setup

If you have a fixed IP address from your ISP you can also use bridged mode for some or all of your
connections. (If you do not have a fixed address it makes life complicated in pfSense.)

[Figure: Modem / router setup for load balancing in bridge and router mode]

In bridged mode, the modem becomes a transparent (in IP terms) device, and your internet IP address
is allocated to the pfSense interface. This makes life a bit simpler as it means there is one less
NAT going on.

You can usually set up at least WAN1 to work in bridge mode (if your modem / router allows it), as
this connection allows PPPoE or bigpond account information to be configured in pfSense.

If you do this, your ISP assigned address will replace the 192.168.x.y address (from the router mode
setup above) in the later sections of the setup.

Using the pfSense Wizard
   ■ Go to http://192.168.10.254 (or the address you gave pfSense if different)
   ■ Select System - Setup Wizard from the menu

General parameters screen

   ■ hostname
        ■ leave as pfsense
   ■ domain
        ■ as you like - I use me.local at home
   ■ Primary DNS server
        ■ a DNS address from WAN1 DNS list
   ■ Secondary DNS server
        ■ a DNS address from WAN2 DNS list
   ■ Allow DNS server list to be overridden by DHCP/PPP on WAN
        ■ Unchecked - if this is checked you won't see the right DNS server list when you set up
           load balancing pools
   ■ Click next

Note: it is important to use one from each list (or use a public DNS service) or you will lose
internet access when one or other connection fails.

date, time and time zone screen

   ■ time server DNS name
         ■ it's a good idea to select a local service - either the one your ISP provides, or a local
           pool.ntp.org address (for example uk.pool.ntp.org if you are in the UK, or one in your
           time zone).
   ■ Timezone
         ■ pick the right entry from the time zone. Note pfSense can provide an NTP service so all
           your local machines pick up time from pfSense.
   ■ click Next

WAN configuration

If you have set your WAN modem router to DHCP, you can leave this set to DHCP, otherwise:

   ■ Selected type
         ■ Static
   ■ IP address
         ■ 192.168.0.1 /24 (or an address in your DMZ1 subnet)
   ■ Gateway
         ■ 192.168.0.254 (or the address you gave your first modem / router)

If you are using a plain modem then you can set up your ISP account information here. I can't find a
wiki page about this, but there are several threads in the forums that discuss this.

LAN configuration

This was set up through the console so shouldn't need changing.

Change your password and reboot

Put in a sensible password, then let pfSense reboot.

After Wizard general setup

These settings make it easier to access machines on your local network - you can access them by
name, and if you are running Windoze you will not suffer at the vagaries of WINS.

   ■ Go into 'Services' - 'DNS Forwarder', turn on
        ■ Register DHCP leases in DNS forwarder
        ■ Register DHCP static mappings in DNS forwarder

Initial setup for Load balancing
Finishing the interfaces setup

Now it is time to finish setting up the interfaces and make sure they are set up OK.

Setting up the OPT 1 interface

From the pfSense menu select Interfaces - OPT1 and set up as follows:

[Figure: Optional 1 (WAN2) set up for a MultiWAN configuration]

enable Optional 1 interface
      checked
Type
      Static - assumes you are not using an address assigned by your ISP
MAC address and MTU
      do not usually need to be set - see info on screen
Bridge with
      None
IP address
      192.168.1.1 /24 - or an appropriate address in DMZ 2 if you used a different subnet
Gateway
      192.168.1.254 - or whatever address you gave modem / router 2 (or your ISP has assigned, if
      no routing being used)

Checking interfaces

From the pfSense menu select Interfaces - Assign and you should get a screen like the one on the
right. Note your hex numbers (the MAC addresses) will be different.

[Figure: Interfaces set up for a MultiWAN configuration]

Now, to check that pfSense can see your modem routers, use Diagnostics - Ping. With WAN 1 selected,
enter the IP address of your modem / router - 192.168.0.254 if you are using the guide values in
this document.

If you are using a modem / router without NAT, then check first that the WAN link is up and ping
the DNS server address that you recorded earlier.

FTP helper: Check also that FTP helper is only enabled for the LAN interface. That is, it should be
disabled on all WAN interfaces.
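
The address plan configured up to this point (LAN, DMZ 1 and DMZ 2 subnets, the pfSense interface addresses, the modem gateways and the DHCP ranges) can be checked offline before relying on ping. This is an added example, not part of the original guide or of pfSense; the `PLAN` layout and the `check_plan` helper are hypothetical names.

```python
import ipaddress

# Address plan as configured in this guide (router-mode values).
PLAN = {
    "LAN":  {"subnet": "192.168.10.0/24", "pfsense": "192.168.10.254",
             "gateway": None,
             "dhcp": ("192.168.10.10", "192.168.10.200")},
    "WAN":  {"subnet": "192.168.0.0/24", "pfsense": "192.168.0.1",
             "gateway": "192.168.0.254",
             "dhcp": ("192.168.0.10", "192.168.0.100")},
    "OPT1": {"subnet": "192.168.1.0/24", "pfsense": "192.168.1.1",
             "gateway": "192.168.1.254",
             "dhcp": ("192.168.1.10", "192.168.1.100")},
}


def check_plan(plan):
    """Return a list of problems found in the plan (empty list = consistent)."""
    problems = []
    nets = {n: ipaddress.ip_network(c["subnet"]) for n, c in plan.items()}

    # Two interfaces on overlapping subnets make routing ambiguous.
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} and {b} subnets overlap")

    for name, cfg in plan.items():
        net = nets[name]
        # Statically assigned addresses on this segment.
        fixed = {role: ipaddress.ip_address(cfg[role])
                 for role in ("pfsense", "gateway") if cfg[role]}
        for role, addr in fixed.items():
            if addr not in net:
                problems.append(f"{name}: {role} {addr} is outside {net}")
            elif addr in (net.network_address, net.broadcast_address):
                problems.append(f"{name}: {role} {addr} is not a host address")
        if len(set(fixed.values())) < len(fixed):
            problems.append(f"{name}: pfSense and gateway share one address")

        # The DHCP range must fit the subnet and avoid the static addresses.
        lo, hi = (ipaddress.ip_address(a) for a in cfg["dhcp"])
        if lo > hi or lo not in net or hi not in net:
            problems.append(f"{name}: DHCP range {lo}-{hi} does not fit {net}")
        for role, addr in fixed.items():
            if lo <= addr <= hi:
                problems.append(f"{name}: {role} {addr} is inside the DHCP range")
    return problems


if __name__ == "__main__":
    for line in check_plan(PLAN) or ["address plan is consistent"]:
        print(line)
```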



Setting up Load Balancing pools

Overview

This setup uses 3 pools:

   1. One pool for load balanced use when both WANs are working
   2. One pool which prefers WAN 1, for use when WAN 2 has failed
   3. One pool which prefers WAN 2, for use when WAN 1 has failed

[Figure: how the various Pools and gateways are related, and how they can be used]

These pools use the 2 gateways that are already established (by the interfaces WAN and WAN 2) to
load balance and support failover when a WAN link fails.

Selecting a Monitor IP address







pfSense monitors each WAN connection by pinging the monitor address you specify. If the ping
fails, the link is marked down and the appropriate failover configuration is used. (Actually, if the
ping fails it retries a few times to be sure; this avoids false indications of the connection going
down.)

Note that pfSense automatically sets up routing so that traffic to your monitor IP only goes down
the link it is monitoring, so don't use a popular web site as this will force all its traffic down
1 link. Better to use a router or server in your ISP's network.

Good addresses to use are your ISPs' DNS servers (1 from each ISP). The web interface makes it easy
to pick these when setting up the pools later.

Other good monitor addresses are the default gateway your modem has assigned (if it responds to
ping!), your ISP's webmail server, or a router within your ISP's network. You can find one of these
by using traceroute to a public service. Be careful though: larger ISPs will have networks that
dynamically adapt, so a router you see now may not be there an hour later!

Setting up the pools

We are going to set up 3 pools in Services - Load Balancer.

Note that each pool has 2 monitors set up; when complete the 1st pool should correspond to the
screenshot on the right.

[Figure: Setup for the first (load balancing) pool]

Setting             Pool 1                      Pool 2                            Pool 3
Pool name           LoadBalance                 WAN1FailsToWAN2                   WAN2FailsToWAN1
Description         Round Robin load balancing  WAN 2 preferred when WAN 1 fails  WAN 1 preferred when WAN 2 fails
Type                Gateway                     Gateway                           Gateway
Behavior            Load Balancing              Failover                          Failover
Port                Unused                      Unused                            Unused
1st Monitor IP      DNS server 1                DNS server 2                      DNS server 1
1st Interface name  WAN                         WAN2                              WAN
2nd Monitor IP      DNS server 2                DNS server 1                      DNS server 2
2nd Interface name  WAN 2                       WAN                               WAN2

This final screenshot shows the summary you should end up with.

[Figure: 3 pools set up ready for load balancing]

Setting up DNS for Load Balancing

Make sure that you have a DNS server from each ISP in the General Settings. This will ensure that
you have DNS service in case one ISP goes down. You will also need to set up Static Routes for each
DNS server. In this example, if the DNS server is on the WAN link then the static route for that DNS
server will have 192.168.0.254 as the gateway. If the DNS server is on the other ISP (i.e. OPT1)
then the static route will have 192.168.1.254 as the gateway.

Sticky Connections

pfSense Version 1.2 introduced Sticky connections, which can be used as part of a MultiWan setup.
Where Sticky connections are used, some of the firewall rules previously used are no longer
required; this is noted in the information below. 'Sticky connections' are very good where there
are many active systems / users, or where your WAN connections are fast; they are not so useful for
a small number of users on slower connections (as the multiple requests involved in fetching a
single web page will not be shared across the available connections).

Basic Firewall Rules

These are the rules you need to add to support access from your LAN to the internet. Later sections
describe the rules you need to support incoming access from the internet to machines on your LAN;
this includes how to support peer to peer applications.

First 3 rules

If you do not need to access any of your systems from the internet, and you use sticky connections,
then these are probably the only rules you will need.

Set these rules up in Firewall - Rules, and then click the LAN tab.

Rule                   Load Balance                     DMZ 1                                            DMZ 2
Position in rule list  Last                             Top                                              Top(-1)
Action                 Pass                             Pass                                             Pass
Disabled               Unchecked                        Unchecked                                        Unchecked
Interface              LAN                              LAN                                              LAN
Protocol               any                              any                                              any
Source                 LAN subnet                       LAN subnet                                       LAN subnet
Source OS              any                              any                                              any
Destination            any                              network: 192.168.0.0 / 24                        WAN2 subnet
Log                    no                               yes temporarily (see below)                      yes temporarily (see below)
Schedule               none                             none                                             none
Gateway                LoadBalance                      default                                          default
Description            Everything else gets shared out  Make sure DMZ 1 traffic goes to right interface  Make sure DMZ 2 traffic goes to WAN2 DMZ








Rule logging

It is always a good idea to put a new rule in with logging turned on, check that the rule is
working by generating some appropriate traffic, then turn logging off once you know it is having
the right effect.

Rule explanation - Load Balance

This rule must always be the last rule in the rule list. It catches anything else that is not special in any
way, and load balances the traffic. Any rule that comes after this rule will never trigger, so may as
well not be there!

Rule explanation - DMZ 1 and DMZ 2

These rules make sure that any traffic to the modem / router (or other machines that are connected
to this subnet if you are not using bridge mode) goes down the right WAN connection. Without these
rules you will find strange things happening when you try to access your modem / router.

These rules should always be top of the rule list as you do not want earlier rules to route this traffic
elsewhere.

Testing these rules

Testing the DMZ rules
      Use a web browser to access the administration interface on your modem / router. Then use
      Status - System Logs, Firewall tab to check if the rule has fired.
Testing the load balancing rule
      Access any site on the internet, then check the firewall log (as above) to see if the rule fired.

Don't forget to turn off logging on the rules once you have checked them.

Testing failover

Now you should make sure that failover is working.

   ■ Switch off (or unplug) one modem / router
   ■ Check the pfSense Load balancer status screen ('Status' - 'Load Balancer');
     it should show (within a few seconds) that one link has failed.
          ■ If it shows that both links have failed, it probably means you have your monitor IPs the
             wrong way round. Use a trace route from a PC on the LAN to trace the route to each
             monitor IP address and if it is using the wrong WAN link, set up the WAN links again the
             right way round.
   ■ Now try accessing an internet site; it should appear without any problems.
     If it fails, then check the load balancer status (see above). If one link is still marked up, check
     that it is not a DNS failure.

Setting up for protocols that don't like load balancing

Some sites (for example banking sites) get upset when requests from a single session come from
different IP addresses. To avoid this, protocols that are likely to suffer from load balancing are
set up to favour 1 connection.







Note that use of the sticky bit (see above) should avoid this issue. If you are not using sticky bit, you
definitely need this.

For each protocol that needs to be handled this way you need a rule on the LAN interface; the
sample below is for https (port 443). The values marked in bold are the ones that change for
different protocols.

These rules need to be above the final load balancing rule, and below the rules for DMZ access.

Parameter               Value
Action                  Pass
Disabled                unchecked
Interface               LAN
Protocol                TCP
Source: not             unchecked
Source: type            LAN subnet
Source OS               Any
Destination: not        unchecked
Destination: type       any
Destination port range  HTTPS
Log                     checked initially; uncheck when known to be working
Gateway                 WAN1FailsToWAN2 - or WAN2FailsToWAN1 as you prefer
Description             Route https through one working connection

Other entries you are likely to need are SSH and POP3. For these just replace HTTPS in bold above
with the protocol you require, and amend the description.

Further Rules for handling outgoing traffic
Depending on usage there are likely to be other rules you will need for outgoing traffic.

Setting up rules to access specific ISPs

If you send traffic to hosts on a specific ISP (such as SMTP email) you may have to make sure that
traffic goes to the right ISP's WAN connection. ISPs block mail being sent if it does not come from
one of their customers' lines, so if you try to send mail through the wrong connection it will be
rejected. If your WAN connections are from different ISPs and you send mail using SMTP you will
need to do this. If you only use webmail (your email interface is a web browser, such as hotmail),
you do not need this.

The simplest way to handle this is to route all SMTP traffic to one ISP - of course if you send SMTP
mail through both ISPs you will need to handle this a different way.

For this type of use, the rule is set up to use only 1 WAN connection. This means that if the
connection goes down, the traffic cannot pass, but as it would fail if it picked up the other
connection this is the right behaviour.

The example below is for SMTP; change the bold parameters for other traffic.

These rules should go in above both DMZ and preferred traffic rules.

Parameter               Value
Action                  Pass
Disabled                unchecked
Interface               LAN
Protocol                TCP usually
Source: not             unchecked
Source: type            LAN subnet
Source OS               Any
Destination: not        unchecked
Destination: type       any
Destination port range  SMTP
Log                     checked initially; uncheck when known to be working
Gateway                 192.168.0.254 or 192.168.1.254 or the appropriate gateway address for this traffic
Description             Route SMTP to the ISP that handles it
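
The rule order this guide arrives at (SMTP pinned to one ISP, then the DMZ rules, then HTTPS on a failover pool, then the load-balancing catch-all) can be replayed offline to see which rule fires and which link carries a flow when a modem is unplugged. This is an added example, not pfSense code or part of the original guide; it assumes first-match evaluation and that a failover pool uses the first listed member that is still up, and the names `Rule`, `egress`, `route` and `shadowed` are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Interface -> (connected subnet, gateway), from the router-mode setup.
LINKS = {
    "WAN":  (ipaddress.ip_network("192.168.0.0/24"), "192.168.0.254"),
    "WAN2": (ipaddress.ip_network("192.168.1.0/24"), "192.168.1.254"),
}

# Pool -> (behaviour, members in the order the pools table lists them).
# Assumption of this model: a failover pool uses the first listed member
# whose monitor still answers.
POOLS = {
    "LoadBalance":     ("balance",  ["WAN", "WAN2"]),
    "WAN1FailsToWAN2": ("failover", ["WAN2", "WAN"]),
    "WAN2FailsToWAN1": ("failover", ["WAN", "WAN2"]),
}

ANY = "0.0.0.0/0"


@dataclass(frozen=True)
class Rule:
    name: str
    dst: str              # destination network
    port: Optional[int]   # None = any protocol / port
    gateway: str          # "default", a pool name, or a gateway address


# LAN-tab rules in the order the guide asks for, top to bottom.
RULES = [
    Rule("SMTP", ANY, 25, "192.168.0.254"),
    Rule("DMZ 1", "192.168.0.0/24", None, "default"),
    Rule("DMZ 2", "192.168.1.0/24", None, "default"),
    Rule("HTTPS", ANY, 443, "WAN1FailsToWAN2"),
    Rule("Load Balance", ANY, None, "LoadBalance"),
]


def egress(rule, dst_ip, up):
    """Links the matched rule can use for this flow; [] means it cannot pass."""
    if rule.gateway == "default":
        addr = ipaddress.ip_address(dst_ip)
        connected = [i for i, (net, _) in LINKS.items() if addr in net]
        return connected or ["WAN"]        # else the system default route
    if rule.gateway in POOLS:
        behaviour, members = POOLS[rule.gateway]
        alive = [m for m in members if m in up]
        return alive if behaviour == "balance" else alive[:1]
    # A literal gateway address pins the flow to one link; if that link is
    # down the flow has nowhere to go.
    pinned = [i for i, (_, gw) in LINKS.items() if gw == rule.gateway]
    return [i for i in pinned if i in up]


def route(dst_ip, port, up, rules=RULES):
    """First matching rule wins. Returns (rule name, usable links)."""
    addr = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if addr in ipaddress.ip_network(rule.dst) and rule.port in (None, port):
            return rule.name, egress(rule, dst_ip, up)
    return None, []                        # nothing matched: default deny


def shadowed(rules):
    """Names of rules that an earlier, broader rule makes unreachable."""
    dead = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            same_dst = ipaddress.ip_network(later.dst).subnet_of(
                ipaddress.ip_network(earlier.dst))
            same_port = earlier.port is None or earlier.port == later.port
            if same_dst and same_port:
                dead.append(later.name)
                break
    return dead


if __name__ == "__main__":
    # Constructed flows; 203.0.113.0/24 is a documentation range.
    flows = [("203.0.113.10", 80), ("203.0.113.10", 443),
             ("203.0.113.25", 25), ("192.168.1.254", 80)]
    for up in ({"WAN", "WAN2"}, {"WAN2"}):
        for dst, port in flows:
            print(sorted(up), dst, port, "->", route(dst, port, up))
    print("shadowed:", shadowed(RULES))
```

Here `up` is the set of links whose monitor IP still answers; moving the Load Balance rule to the top of the list makes `shadowed` report every other rule, which is why the guide insists it stays last.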
                                This article is part of the HOWTO series.
Retrieved from "http://doc.pfsense.org/index.php/Multi-WAN_Version_1.2.x"

      This page was last modified on 23 November 2009, at 18:14. This page has been accessed
      156,863 times.




PFSENSE Load Balance with Fail Over From Version Beta3
 
66 pfsense tutorial
66 pfsense tutorial66 pfsense tutorial
66 pfsense tutorial
 
the-pfsense-documentation.pdf
the-pfsense-documentation.pdfthe-pfsense-documentation.pdf
the-pfsense-documentation.pdf
 
66 pf sensetutorial
66 pf sensetutorial66 pf sensetutorial
66 pf sensetutorial
 
66_pfSenseTutorial
66_pfSenseTutorial66_pfSenseTutorial
66_pfSenseTutorial
 
66_pfSenseTutorial
66_pfSenseTutorial66_pfSenseTutorial
66_pfSenseTutorial
 
To setup the simplest IPv6 network you just have to boot up a host o.pdf
To setup the simplest IPv6 network you just have to boot up a host o.pdfTo setup the simplest IPv6 network you just have to boot up a host o.pdf
To setup the simplest IPv6 network you just have to boot up a host o.pdf
 
Multi-WAN on pfSense 2.3 - pfSense Hangout March 2016
Multi-WAN on pfSense 2.3 - pfSense Hangout March 2016Multi-WAN on pfSense 2.3 - pfSense Hangout March 2016
Multi-WAN on pfSense 2.3 - pfSense Hangout March 2016
 
There and back again
There and back againThere and back again
There and back again
 
Nat failover with dual isp on cisco router configuration explained with example
Nat failover with dual isp on cisco router configuration explained with exampleNat failover with dual isp on cisco router configuration explained with example
Nat failover with dual isp on cisco router configuration explained with example
 
Creating a DMZ - pfSense Hangout January 2016
Creating a DMZ - pfSense Hangout January 2016Creating a DMZ - pfSense Hangout January 2016
Creating a DMZ - pfSense Hangout January 2016
 
CCNA 1 Chapter 6 v5.0 2014
CCNA 1 Chapter 6 v5.0 2014CCNA 1 Chapter 6 v5.0 2014
CCNA 1 Chapter 6 v5.0 2014
 
Hacom%20pf sense%20quick start%20guide
Hacom%20pf sense%20quick start%20guideHacom%20pf sense%20quick start%20guide
Hacom%20pf sense%20quick start%20guide
 
Configure basic firewall and vpn
Configure basic firewall and vpnConfigure basic firewall and vpn
Configure basic firewall and vpn
 
Lesson.7: Configuring IP Routing A
Lesson.7: Configuring IP Routing ALesson.7: Configuring IP Routing A
Lesson.7: Configuring IP Routing A
 
Guide to home networking
Guide to home networkingGuide to home networking
Guide to home networking
 
Sharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxSharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linux
 
Modul 1 integration island
Modul 1   integration islandModul 1   integration island
Modul 1 integration island
 
DHCP concept
DHCP conceptDHCP concept
DHCP concept
 

Dernier

Lilac Illustrated Social Psychology Presentation.pptx
Lilac Illustrated Social Psychology Presentation.pptxLilac Illustrated Social Psychology Presentation.pptx
Lilac Illustrated Social Psychology Presentation.pptxABMWeaklings
 
$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...
$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...
$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...PsychicRuben LoveSpells
 
Breath, Brain & Beyond_A Holistic Approach to Peak Performance.pdf
Breath, Brain & Beyond_A Holistic Approach to Peak Performance.pdfBreath, Brain & Beyond_A Holistic Approach to Peak Performance.pdf
Breath, Brain & Beyond_A Holistic Approach to Peak Performance.pdfJess Walker
 
9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls
9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls
9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girlsPooja Nehwal
 
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,dollysharma2066
 
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝soniya singh
 
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...ur8mqw8e
 
文凭办理《原版美国USU学位证书》犹他州立大学毕业证制作成绩单修改
文凭办理《原版美国USU学位证书》犹他州立大学毕业证制作成绩单修改文凭办理《原版美国USU学位证书》犹他州立大学毕业证制作成绩单修改
文凭办理《原版美国USU学位证书》犹他州立大学毕业证制作成绩单修改atducpo
 
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...Leko Durda
 
CALL ON ➥8923113531 🔝Call Girls Rajajipuram Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Rajajipuram Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Rajajipuram Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Rajajipuram Lucknow best sexual serviceanilsa9823
 
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改atducpo
 
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female serviceanilsa9823
 
Lucknow 💋 High Class Call Girls Lucknow 10k @ I'm VIP Independent Escorts Gir...
Lucknow 💋 High Class Call Girls Lucknow 10k @ I'm VIP Independent Escorts Gir...Lucknow 💋 High Class Call Girls Lucknow 10k @ I'm VIP Independent Escorts Gir...
Lucknow 💋 High Class Call Girls Lucknow 10k @ I'm VIP Independent Escorts Gir...anilsa9823
 
LC_YouSaidYes_NewBelieverBookletDone.pdf
LC_YouSaidYes_NewBelieverBookletDone.pdfLC_YouSaidYes_NewBelieverBookletDone.pdf
LC_YouSaidYes_NewBelieverBookletDone.pdfpastor83
 
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot AndCall Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot AndPooja Nehwal
 
CALL ON ➥8923113531 🔝Call Girls Mahanagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Mahanagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Mahanagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Mahanagar Lucknow best sexual serviceanilsa9823
 
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdfREFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdfssusere8ea60
 
call girls in candolim beach 9870370636] NORTH GOA ..
call girls in candolim beach 9870370636] NORTH GOA ..call girls in candolim beach 9870370636] NORTH GOA ..
call girls in candolim beach 9870370636] NORTH GOA ..nishakur201
 
CALL ON ➥8923113531 🔝Call Girls Aliganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Aliganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Aliganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Aliganj Lucknow best sexual serviceanilsa9823
 

Dernier (20)

Lilac Illustrated Social Psychology Presentation.pptx
Lilac Illustrated Social Psychology Presentation.pptxLilac Illustrated Social Psychology Presentation.pptx
Lilac Illustrated Social Psychology Presentation.pptx
 
$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...
$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...
$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...
 
Breath, Brain & Beyond_A Holistic Approach to Peak Performance.pdf
Breath, Brain & Beyond_A Holistic Approach to Peak Performance.pdfBreath, Brain & Beyond_A Holistic Approach to Peak Performance.pdf
Breath, Brain & Beyond_A Holistic Approach to Peak Performance.pdf
 
9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls
9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls
9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls
 
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
 
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
Call Girls in Kalyan Vihar Delhi 💯 Call Us 🔝8264348440🔝
 
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
《塔夫斯大学毕业证成绩单购买》做Tufts文凭毕业证成绩单/伪造美国假文凭假毕业证书图片Q微信741003700《塔夫斯大学毕业证购买》《Tufts毕业文...
 
文凭办理《原版美国USU学位证书》犹他州立大学毕业证制作成绩单修改
文凭办理《原版美国USU学位证书》犹他州立大学毕业证制作成绩单修改文凭办理《原版美国USU学位证书》犹他州立大学毕业证制作成绩单修改
文凭办理《原版美国USU学位证书》犹他州立大学毕业证制作成绩单修改
 
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
Reinventing Corporate Philanthropy_ Strategies for Meaningful Impact by Leko ...
 
CALL ON ➥8923113531 🔝Call Girls Rajajipuram Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Rajajipuram Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Rajajipuram Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Rajajipuram Lucknow best sexual service
 
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
办理国外毕业证学位证《原版美国montana文凭》蒙大拿州立大学毕业证制作成绩单修改
 
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Adil Nagar Lucknow best Female service
 
Lucknow 💋 High Class Call Girls Lucknow 10k @ I'm VIP Independent Escorts Gir...
Lucknow 💋 High Class Call Girls Lucknow 10k @ I'm VIP Independent Escorts Gir...Lucknow 💋 High Class Call Girls Lucknow 10k @ I'm VIP Independent Escorts Gir...
Lucknow 💋 High Class Call Girls Lucknow 10k @ I'm VIP Independent Escorts Gir...
 
LC_YouSaidYes_NewBelieverBookletDone.pdf
LC_YouSaidYes_NewBelieverBookletDone.pdfLC_YouSaidYes_NewBelieverBookletDone.pdf
LC_YouSaidYes_NewBelieverBookletDone.pdf
 
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot AndCall Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
Call Girls In Andheri East Call US Pooja📞 9892124323 Book Hot And
 
CALL ON ➥8923113531 🔝Call Girls Mahanagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Mahanagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Mahanagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Mahanagar Lucknow best sexual service
 
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdfREFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
REFLECTIONS Newsletter Jan-Jul 2024.pdf.pdf
 
call girls in candolim beach 9870370636] NORTH GOA ..
call girls in candolim beach 9870370636] NORTH GOA ..call girls in candolim beach 9870370636] NORTH GOA ..
call girls in candolim beach 9870370636] NORTH GOA ..
 
CALL ON ➥8923113531 🔝Call Girls Aliganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Aliganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Aliganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Aliganj Lucknow best sexual service
 
escort service sasti (*~Call Girls in Paschim Vihar Metro❤️9953056974
escort service  sasti (*~Call Girls in Paschim Vihar Metro❤️9953056974escort service  sasti (*~Call Girls in Paschim Vihar Metro❤️9953056974
escort service sasti (*~Call Girls in Paschim Vihar Metro❤️9953056974
 

Multi wanversion1.2

  • 1. Multi-WAN Version 1.2.x - PFSenseDocs Page 1 of 11 Search Submit Query Personal tools ■ Log in Multi-WAN Version 1.2.x From PFSenseDocs (Redirected from MultiWanVersion1.2) This community-contributed guide leaves out some important information and considerations. The best source of multi-WAN information is in the pfSense book (http://pfsense.org/book) . Introduction This setup enables pfSense to load balance traffic from your LAN to multiple internet connections (WANs). Traffic from the LAN is shared out on a round robin basis across the available WANs. pfSense monitors each WAN connection, using an IP address you provide, and if the monitor fails, a failover configuration is used, this typically just feeds all traffic down the other connection(s). This example sets up 2 WANs, but 3 or more can be used by simply extending what this page describes. Note that currently most pfSense add-on packages do NOT support multi WAN and all their traffic will use the WAN connection. Contents ■ 1 Introduction ■ 2 Overview ■ 3 Before you start ■ 3.1 Target network setup ■ 4 Finishing pfSense console setup ■ 5 Setting up your modems / routers ■ 5.1 Router mode setup ■ 5.2 Bridge mode setup ■ 6 Using the pfSense Wizard ■ 7 Initial setup for Load balancing ■ 7.1 Finishing the interfaces setup ■ 7.1.1 Setting up the OPT 1 interface http://doc.pfsense.org/index.php/MultiWanVersion1.2 06-Jul-11
  • 2. Multi-WAN Version 1.2.x - PFSenseDocs Page 2 of 11 ■ 7.1.2 Checking interfaces ■ 7.2 Setting up Load Balancing pools ■ 7.2.1 Overview ■ 7.2.2 Selecting a Monitor IP address ■ 7.2.3 Setting up the pools ■ 7.3 Setting up DNS for Load Balancing ■ 7.4 Sticky Connections ■ 7.5 Basic Firewall Rules ■ 7.5.1 First 3 rules ■ 7.5.2 Setting up for protocols that don't like load balancing ■ 8 Further Rules for handling outgoing traffic ■ 8.1 Setting up rules to access specific ISPs Overview This guide helps you setup pfSense to support a local network (the LAN) and 2 connections to the internet (WAN and WAN2). Most traffic is shared out between the 2 WAN connections, but specific rules are also setup for some types of traffic to only use 1 connection (for example https), where load balancing can cause problems. pfSense runs in a small system that uses 3 network interface cards Networks and computers in a (NICs), 1 for each of the WANs and 1 for the LAN. multi WAN installation pfSense can also be run in a virtual machine for testing and lightweight use, although this is not as secure or robust as a physical machine implementation. The guide also shows how to setup access from the internet to servers on the internal network, and has guides to the setup for some specific applications. Note that if you install servers connected to DMZ1 or DMZ2, these are not protected by pfSense, and will have to be internet hardened. Before you start You must have completed the basic pfSense installation. Target network setup This guide assumes the following network setup; you can easily do something different, but you will need to translate network addresses appropriately if you do. 1. Your ISPs have assigned a single IP address for each internet connection (which could be dynamic) and you are using your modem / routers in router mode (some guidance on other variants of this are included in the details below). 2. 
DMZ 1 is going to use the subnet 192.168.0.0/24 This means that DMZ 1 uses IP addresses between 192.168.0.0 and 192.168.0.254. http://doc.pfsense.org/index.php/MultiWanVersion1.2 06-Jul-11
  • 3. Multi-WAN Version 1.2.x - PFSenseDocs Page 3 of 11 3. DMZ 2 is going to use the subnet 192.168.1.0/24 This means that DMZ 2 uses IP addresses between 192.168.1.0 and 192.168.1.254 4. The LAN uses subnet 192.168.10.0/24 This means that the internal network uses IP addresses between 192.168.10.0 and 192.168.10.254 You should pick up the 3 interface cards. Note that if you have DHCP turned off on your WAN1 modem router, there will be a long pause here while pfSense tries to pick up an IP address. Finishing pfSense console setup The console will eventually give a prompt pfSense console setup. Select option 2 and setup up the LAN interface as follows: LAN IP Address 192.168.10.254 subnet bit count 24 (for a class C space) - this will allow up 250 computers to be used DHCP y DHCP start address 192.168.10.10 DHCP end address 192.168.10.200 You should now be able to plug a PC into the network, and it will be allocated an IP address and you will be able to access pfSense web interface (although not much else yet). Setting up your modems / routers Router mode setup If you have CABLE/DSL modems that are bridge routers you may want to use them in router mode. The client ID (PPPoE) is installed on the modem/router and the modem/router maps the Public IP it receives to a Private IP on the modem/router LAN interface. How to do this is specific to each modem/router. WAN (WAN1) OPT1 (WAN2) setting Modem / router setup for load modem / router modem / router balancing in router mode LAN IP 192.168.0.254 192.168.1.254 address Subnet mask 255.255.255.0 255.255.255.0 DHCP on on DHCP 192.168.0.10 - 192.168.1.10 - address range 192.168.0.100 192.168.1.100 Once you have set up the modem/routers you can test them by plugging a PC into their network, and accessing your favourite web site. http://doc.pfsense.org/index.php/MultiWanVersion1.2 06-Jul-11
  • 4. Multi-WAN Version 1.2.x - PFSenseDocs Page 4 of 11 Or you can wait until the basic pfSense configuration is in place, and test through pfSense. Note if you are *cheating* by running multiple subnets on one physical network, you must have DHCP turned off on all but 1 subnet. Bridge mode setup If you have a fixed IP address from your ISP you can also use bridged mode for some or all of your connections. (If you do not have a fixed address it makes life complicated in pfSense) In bridged mode, the modem becomes a transparent (in IP terms) device, and your internet IP address is allocated to the pfSense interface. This makes life a bit simpler as it means there is one less NAT going on. Modem / router setup for load balancing in bridge and router You can usually set up at least WAN1 to work in bridge mode (if mode your modem / router allows it). as this connections allows PPPoE or bigpond account information to be configured in pfSense. If you do this, your ISP assigned address will replace the 192.168.x.y address (from the router mode setup above) in the later sections of the setup. Using the pfSense Wizard ■ Go to http://192.168.10.254 (or the address you gave pfSense if different) ■ Select System - Setup Wizard from the menu General parameters screen ■ hostname ■ leave as pfsense ■ domain ■ as you like - I use me.local at home ■ Primary DNS server ■ a DNS address from WAN1 DNS list ■ Secondary DNS server ■ a DNS address from WAN2 DNS list ■ Allow DNS server list to be overridden by DHCP/PPP on WAN ■ Unchecked - if this is checked you won't see the right DNS server list when you set up load balancing pools ■ Click next Note: it is important to use one from each (or use a public DNS service) or you will loose internet access when one or other connections fails. date, time and time zone screen ■ time server DNS name http://doc.pfsense.org/index.php/MultiWanVersion1.2 06-Jul-11
  • 5. Multi-WAN Version 1.2.x - PFSenseDocs Page 5 of 11 ■ its a good idea to select a local service - either the one your ISP provides, or a local pool.ntp.org address (for example uk.pool.ntp.org if you are in the UK, or one in your time zone). ■ Timezone ■ pick the right entry from the time zone. Note pfSense can provide an NTP service so all your local machines pick up time from pfSense. ■ click Next WAN configuration If have set your WAN modem router to DHCP, you can leave this set to DHCP, otherwise: ■ Selected type ■ Static ■ IP address ■ 192.168.0.1 /24 (or an address in your DMZ1 subnet) ■ Gateway ■ 192.168.0.254 (or the address you gave your fist modem / router If you are using a plain modem then you can set up your ISP account information here, I can't find a wiki page about this, but there several threads in the forums that discuss this. LAN configurationThis was set up through the console so shouldn't need changing Change your password and reboot Put in a sensible password, then let pfSense reboot. After Wizard general setup These settings make it easier to access machines on your local network - you can access them by name, and if you are running Windoze you will not suffer at the vagiaries of WINS. ■ Go into 'Services' - 'DNS Forwarder', turn on ■ Register DHCP leases in DNS forwarder ■ Register DHCP static mappings in DNS forwarder Initial setup for Load balancing Finishing the interfaces setup Now it is time to finish setting up the interfaces and make sure they are setup OK. Setting up the OPT 1 interface From the pfSense menu select Interfaces - OPT1 and set up as follows: enable Optional 1 interface checked Type http://doc.pfsense.org/index.php/MultiWanVersion1.2 06-Jul-11
  • 6. Multi-WAN Version 1.2.x - PFSenseDocs Page 6 of 11 Static - assumes you are not using an address assigned by your ISP MAC address and MTU do not usually need to be set - see info on screen Bridge with None IP address 192.168.1.1 /24 - or an appropriate address in DMZ 2 if you used a different subnet Optional 1 (WAN2) set up for Gateway a MultiWAN configuration 192.168.1.254 - or whatever address you gave modem / router 2 (or your ISP has assigned, if no routing being used) Checking interfaces From the pfsense menu select Interfaces - Assign and you should get an screen like the one of the right. Note your hex numbers (The MAC addresses) will be different. Now to check that pfSense can see your modem routers you use Diagnostics - Ping. With WAN 1 selected, enter the IP address of your modem / router - 192.168.0.254 if you are using the guide values in this document. Interfaces set up for a MultiWAN configuration If you are using using a modem / router without NAT, the check first that the WAN link is up and ping the DNS server address that you recorded earlier. FTP helper: Check also that FTP helper is only enabled for the LAN interface. That is it should be disabled on all WAN interfaces Setting up Load Balancing pools Overview This setup uses 3 pools 1. One pool for load balanced use when both WANS are working 2. One pool which prefers WAN 1, for use when WAN 2 has failed 3. One pool which prefers WAN 2, for use when WAN 1 has failed how the various Pools and These pools use the 2 gateways that are already established (by the gateways are related, and how they can be used interfaces WAN and WAN 2) to load balance and support failover when a WAN link fails Selecting a Monitor IP address http://doc.pfsense.org/index.php/MultiWanVersion1.2 06-Jul-11
  • 7. Multi-WAN Version 1.2.x - PFSenseDocs Page 7 of 11 pfSense monitors each WAN connection by pinging the monitor address you specify. If the ping fails, the link is marked down and the appropriate failover configuration is used (actually if the ping fails it retries a few times to be sure, this avoids false indications of the connection going down). Note that pfSense automatically sets up to route traffic to your monitor IP only down the link it is monitoring, so don't use a popular web site as this will force all its traffic down 1 link. Better to use a router or server in your ISP's network. Good addresses to use your ISP's DNS server (1 from each ISP). The web interface makes it easy to pick these when setting up the pools later. Other good monitor addresses are the default gateway your modem has assigned (if it responds to ping!), your ISP's webmail server, or a router within your ISP's network - you can find one of these by using traceroute to a public service, be careful though, larger ISPs will have networks that dynamically adapt so a router you see now may not be there an hour later! Setting up the pools We are going to set up 3 pools in Services - Load Balancer Note that each pool has 2 monitors set up, when complete the 1st pool should correspond to the screenshot on the right. Setup for the first (load balancing) pool Setting Pool 1 Pool 2 Pool 3 Pool name LoadBalance WAN1FailsToWAN2 WAN2FailsToWAN1 Round Robin load WAN 2 preferred when WAN 1 preferred when Description balancing WAN 1 fails WAN 2 fails Type Gateway Gateway Gateway Behavior Load Balancing Failover Failover Port Unused Unused Unused 1st Monitor IP DNS server 1 DNS server 2 DNS server 1 1st Interface WAN WAN2 WAN name 2nd Monitor DNS server 2 DNS server 1 DNS server 2 IP 2nd Interface WAN 2 WAN WAN2 name This finals screenshot shows the summary you should end up with. http://doc.pfsense.org/index.php/MultiWanVersion1.2 06-Jul-11
  • 8. Multi-WAN Version 1.2.x - PFSenseDocs Page 8 of 11 Setting up DNS for Load Balancing 3 pools set up ready for load balancing Make sure that you have a DNS server from each ISP in the General Settings. This will ensure that you have DNS service in case one ISP goes down. You will also need to setup Static Routes for each DNS server. In this example if the DNS is on the WAN link then the static route for that DNS server will have 192.168.0.254 as the gateway. If the DNS server is on the other ISP (ie OPT1) then the static route will have have 192.168.1.254 as the gateway. Sticky Connections pfSense Version 1.2 introduced Sticky connections, which can be used as part of a MultiWan setup. Where Sticky connections are used, some of the firewall rules previously used are no longer required; this is noted in the information below. 'Sticky connections' are a very good where there are many active systems / users, or where your WAN connections are fast, they are not so useful for small number of users on slower connections (as the multiple requests involved in fetching a single web page will not be shared across the available connections. Basic Firewall Rules These are the rules you need to add to support access from your LAN to the internet. Later sections describe the rules you need to support incoming access from the internet to machines on your LAN, this includes how to support peer to peer applications. First 3 rules If you do not need to access any of your systems from the internet, and you use sticky connections, then these are probably the only rules you will need. Set these rules up in Firewall - Rules, and then click the LAN tab. 
Rule Load Balance DMZ 1 DMZ 2 Position in Last Top Top(-1) rule list Action Pass Pass Pass Disabled Unchecked Unchecked Unchecked Interface LAN LAN LAN Protocol any any any Source LAN subnet LAN subnet LAN subnet Source OS any any any network: Destination any WAN2 subnet 192.168.0.0 / 24 Log no yes temporarily (see below) yes temporarily (see below) Schedule none none none Gateway LoadBalance default default Everything else gets Make sure DMZ 1 traffic Make sure DMZ 2 traffic Description shared out goes to right interface goes to WAN2 DMZ http://doc.pfsense.org/index.php/MultiWanVersion1.2 06-Jul-11
  • 9. Multi-WAN Version 1.2.x - PFSenseDocs Page 9 of 11 Rule logging It is always a good idea to put a new rule in with logging turned on, then check by generating some appropriate traffic, that the rule is working, then turn logging off once you know it is having the right effect. Rule explanation - Load Balance This rule must always be the last rule in the rule list. It catches anything else that is not special in any way, and load balances the traffic. Any rule that comes after this rule will never trigger, so may as well not be there! Rule explanation - DMZ 1 and DMZ 2 These rules make sure that any traffic to the modem / router, (or other machines that are connected to this subnet if you are not using bridge mode), go down the right WAN connection. Without these rules you will find strange things happening when you try to access your modem / router. These rules should always be top of the rule list as you do not want earlier rules to route this traffic elsewhere. Testing these rules Testing the DMZ rules Use a web browser to access the administration interface on your modem / router. Then use Status - System Logs, Firewall tab to check if the rule has fired. Testing the load balancing rule Access any site on the internet, then check the firewall log (as above) to see if the rule fired. Don't forget to turn off logging on the rules once you have checked them. Testing failover Now you should make sure that failover is working. ■ Switch off (or unplug) one modem / router ■ Check the pfSense Load balancer status screen ('Status' - 'Load Balancer') it should show (within a few seconds) that one link has failed. ■ if it shows that both links have failed, it probably means you have your monitor IP's the wrong way round. Use a trace route from PC on the LAN to trace the route to each monitor IP address and if it is using the wrong WAN link, re-setup the WAN links the right way round. ■ Now try accessing a internet site, it should appear without any problems. 
If it fails, then check the load balancer status (see above). If one link is still marked up, check that it is not a DNS failure Setting up for protocols that don't like load balancing Some sites (for example banking sites) get upset when requests from a single session come from different IP addresses. To avoid this, protocols that are likely to suffer from load balancing are setup to favour 1 connection. http://doc.pfsense.org/index.php/MultiWanVersion1.2 06-Jul-11
Note that use of the sticky bit (see above) should avoid this issue. If you are not using sticky bit, you definitely need this.

For each protocol that needs to be handled this way you need a rule on the LAN interface; the sample below is for https (port 443). The values marked in bold are the ones that change for different protocols.

These rules need to be above the final load balancing rule, and below the rules for DMZ access.

   Parameter                 Value
   Action                    Pass
   Disabled                  unchecked
   Interface                 LAN
   Protocol                  TCP
   Source: not               unchecked
   Source: type              LAN subnet
   Source OS                 Any
   Destination: not          unchecked
   Destination: type         any
   Destination port range    HTTPS
   Log                       checked initially; uncheck when known to be working
   Gateway                   WAN1FailsToWAN2 - or WAN2FailsToWAN1 as you prefer
   Description               Route https through one working connection

Other entries you are likely to need are SSH and POP3. For these just replace HTTPS in bold above with the protocol you require, and amend the description.

Further Rules for handling outgoing traffic

Depending on usage there are likely to be other rules you will need for outgoing traffic.

Setting up rules to access specific ISPs

If you send traffic to hosts on a specific ISP (such as SMTP email) you may have to make sure that traffic goes to the right ISP's WAN connection. ISPs block mail being sent if it does not come from one of their customers' lines, so if you try to send mail through the wrong connection it will be rejected.

If your WAN connections are from different ISPs and you send mail using SMTP you will need to do this. If you only use webmail (your email interface is a web browser, such as hotmail), you do not need this.

The simplest way to handle this is to route all SMTP traffic to one ISP - of course if you send SMTP mail through both ISPs you will need to handle this a different way.

For this type of use, the rule is set up to use only 1 WAN connection. This means that if the connection goes down, the traffic cannot pass, but as it would fail if it picked up the other connection this is the right behaviour.

The example below is for SMTP; change the bold parameters for other traffic.
These rules should go in above both DMZ and preferred traffic rules.

   Parameter                 Value
   Action                    Pass
   Disabled                  unchecked
   Interface                 LAN
   Protocol                  TCP usually
   Source: not               unchecked
   Source: type              LAN subnet
   Source OS                 Any
   Destination: not          unchecked
   Destination: type         any
   Destination port range    SMTP
   Log                       checked initially; uncheck when known to be working
   Gateway                   192.168.0.254 or 192.168.1.254 or the appropriate gateway address for this traffic
   Description               Route SMTP to the ISP that handles it

This article is part of the HOWTO series.

This page was last modified on 23 November 2009, at 18:14.
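The rule ordering described on this page (SMTP, then DMZ, then per-protocol rules, with Load Balance last) can be checked with a small first-match model. This is an added example, not part of the original guide or of pfSense itself. The DMZ subnets, the pool name LoadBalance, the test address 203.0.113.10 and the TCP-only simplification are assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed model of the LAN rule list, in the order this page prescribes.
# Assumptions: DMZ subnets are the /24s around the two gateway addresses,
# and the load balancing pool is called "LoadBalance".
RULES = [
    {"name": "SMTP",  "dst": "0.0.0.0/0",      "port": 25,   "gateway": "192.168.0.254"},
    {"name": "DMZ 1", "dst": "192.168.0.0/24", "port": None, "gateway": "192.168.0.254"},
    {"name": "DMZ 2", "dst": "192.168.1.0/24", "port": None, "gateway": "192.168.1.254"},
    {"name": "HTTPS", "dst": "0.0.0.0/0",      "port": 443,  "gateway": "WAN1FailsToWAN2"},
    {"name": "Load Balance", "dst": "0.0.0.0/0", "port": None, "gateway": "LoadBalance"},
]

def matches(rule, dst_ip, dst_port):
    """True if a TCP packet from the LAN to dst_ip:dst_port matches the rule."""
    in_net = ip_address(dst_ip) in ip_network(rule["dst"])
    return in_net and rule["port"] in (None, dst_port)

def route(rules, dst_ip, dst_port):
    """First match wins: return (rule name, gateway) of the first matching rule."""
    for rule in rules:
        if matches(rule, dst_ip, dst_port):
            return rule["name"], rule["gateway"]
    return None, None  # nothing matched

def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    net_ok = ip_network(later["dst"]).subnet_of(ip_network(earlier["dst"]))
    port_ok = earlier["port"] is None or earlier["port"] == later["port"]
    return net_ok and port_ok

def shadowed(rules):
    """Names of rules that can never fire because an earlier rule covers them."""
    return [r["name"] for i, r in enumerate(rules)
            if any(covers(e, r) for e in rules[:i])]

if __name__ == "__main__":
    for dst in [("192.168.0.254", 443), ("203.0.113.10", 443),
                ("203.0.113.10", 25), ("203.0.113.10", 80)]:
        print(dst, "->", route(RULES, *dst))
    print("shadowed, correct order:", shadowed(RULES))
    # Moving the catch-all to the top makes every other rule dead.
    print("shadowed, catch-all first:", shadowed([RULES[-1]] + RULES[:-1]))
```

Note that HTTPS to the modem at 192.168.0.254 is claimed by DMZ 1 rather than the HTTPS rule, which is why the DMZ rules have to sit above the per-protocol rules.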