Netgate Store

Author Topic: Using a PFsense behind another PFsense  (Read 173 times)

0 Members and 1 Guest are viewing this topic.

Offline sagaroth

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Using a PFsense behind another PFsense
« on: January 25, 2018, 05:31:48 am »
Hello everyone!

Here, I'm stuck on a configuration that I would like to set up on my network.
Currently, I have a PFsense in front of my network with a WAN interface and a LAN interface.
My goal is to have a second one set up for HA. The problem is that my second PFsense must be up to date (and I only have a WAN IP). So I would have liked to temporarily put this second PFsense behind my first PFsense by indicating my PFsense 1 as a Gateway on my PFsense 2. I created a LAN interface on this PFsense2 on the same network as the LAN interface of my PFsense 1.

Despite this, the traceroute to a public IP only sends me the first HOP and stops at PFsense 1 without going beyond it.

Have I forgotten something ?

Thank you in advance:)


Translated with www.DeepL.com/Translator

Offline realtec

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-1
    • View Profile
Re: Using a PFsense behind another PFsense
« Reply #1 on: January 25, 2018, 05:37:03 am »
How have you set this up?

The way I understand it is there is a CARP IP.... for example, 10.10.10.10 - Both boxes communicate over carp on that IP so you second PFSense box will update from you main one.


Offline sagaroth

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: Using a PFsense behind another PFsense
« Reply #2 on: January 25, 2018, 06:03:28 am »
At first I had set up a configuration via CARP, but the synchronization, so the recovery of WAN parameters from PFsense 1 was not done because PFsense 2 was not up to date.

So that's why I opted for a temporary configuration of this kind:

WAN <-> PFsense1 <-> LAN <-> PFsense2

On my PFsense1, the LAN interface is in 10.10.10.1, on my PFsense2, the LAN interface is in 10.10.10.2.
On my PFsense2, I have configured the gateway as PFsense1.


Offline sagaroth

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
[Rsolved] Re: Using a PFsense behind another PFsense
« Reply #3 on: January 25, 2018, 07:58:36 am »
Resolved, I've add a Outbound Rule on my 1st PFsense to allow my 2nd PFsense to go to WAN through is LAN interface :)