Netgate SG-1000 microFirewall

Author Topic: Need to Reapply Default Gateway after brief WAN drop  (Read 55 times)

0 Members and 1 Guest are viewing this topic.

Offline ntc4000

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Need to Reapply Default Gateway after brief WAN drop
« on: February 19, 2018, 07:58:31 am »
We're having a strange issue at a few of our sites with PFSense firewalls. The WAN interface will drop briefly, like a few seconds at most, at which point the user will lose internet access until we log into the firewall and reapply the gateway. Remote access to the FW still works as does VPN to other sites. These are single WAN connections (Comcast, Optimum).

The logs usually display something like:

We've tried disabling gateway monitoring and disabling gateway monitoring action to no avail. This is happening at sites with both Netgate 2440s and Netgate 3100s

The logs usually show something like:

Jan 13 20:40:11    php-fpm    49750    /rc.linkup: Hotplug event detected for WAN1COM(wan) static IP (96.64.85.172 )
Jan 13 20:40:11    check_reload_status       rc.newwanip starting igb0
Jan 13 20:40:11    check_reload_status       Reloading filter
Jan 13 20:40:12    php-fpm    49750    /rc.newwanip: rc.newwanip: Info: starting on igb0.
Jan 13 20:40:12    php-fpm    49750    /rc.newwanip: rc.newwanip: on (IP address: 96.64.85.172) (interface: WAN1COM[wan]) (real interface: igb0).
Jan 13 20:40:12    check_reload_status       Reloading filter
Jan 13 20:40:46    rc.gateway_alarm    77603    >>> Gateway alarm: WAN1COMGW (Addr:96.64.85.174 Alarm:0 RTT:4898ms RTTsd:3127ms Loss:16%)
Jan 13 20:40:46    check_reload_status       updating dyndns WAN1COMGW
Jan 13 20:40:46    check_reload_status       Restarting ipsec tunnels
Jan 13 20:40:46    check_reload_status       Restarting OpenVPN tunnels/interfaces
Jan 13 20:40:46    check_reload_status       Reloading filter
Jan 13 20:40:47    php-fpm    49750    /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN1COMGW.

Is this a known issue with PFsense? We deploy a lot of these but it only seems to be happening at a handful of sites. Could this be an ISP problem?

Thanks for any help you can provide.