Outline ·
[ Standard ] ·
Linear+
Unifi pfsense and Unifi Public IP Setup, pfsense with Unifi 5 fixed public IP
|
TSfrogege P
|
 Jul 4 2022, 12:16 PM, updated 4y ago
|
New Member
|
Hello, my goals to have a setup with High Availability Setup for my pfsense. Since I subscribed 5 fixed public IP from TM Unifi, How do I set it up properly to have like my pfsense-1(public_ip_1) pfsense-2(public_ip_2). But I google that two router cannot have PPPOE configuration at the same time. So here I'm very confuse how to setup PPPOE from TM Unifi with pfsense. I test for 1 router PPPOE setup works normally and able to get public IP from TM Unifi Vlan. Thanks.
https://pictr.com/images/2022/07/04/BRGp1r.md.png |
|
|
|
|
|
aneip
|
Jul 4 2022, 09:18 PM
|
|
|
To have HA with 2 pfsense then you need 2 line, not multiple IP address.
If you want 2nd public IP at 2nd pfsense. Just bridge 1 interface with pppoe and connect the interface to 2nd pfsense as wan interface. Use the 2nd IP as interface ip and 1st IP as gateway. But 1st pfsense need to be up also.
Or, use TM router as pppoe dialer. 2nd IP at 1st pfsense. 3rd IP at 2nd pfsense.
|
|
|
|
|
|
TSfrogege P
|
Jul 5 2022, 11:52 AM
|
New Member
|
QUOTE(aneip @ Jul 4 2022, 09:18 PM) To have HA with 2 pfsense then you need 2 line, not multiple IP address. If you want 2nd public IP at 2nd pfsense. Just bridge 1 interface with pppoe and connect the interface to 2nd pfsense as wan interface. Use the 2nd IP as interface ip and 1st IP as gateway. But 1st pfsense need to be up also. Or, use TM router as pppoe dialer. 2nd IP at 1st pfsense. 3rd IP at 2nd pfsense. I see, so if I choose the 2nd option that you mention, where NAT happen, is it on PPPOE dialer or my pfsense itself? |
|
|
|
|
|
TSfrogege P
|
Jul 5 2022, 12:08 PM
|
New Member
|
What I'm try to achieve is there architecture. Since I want pfsense handling NAT and OpenVPN server over there
https://pictr.com/images/2022/07/05/BR8RaY.md.png |
|
|
|
|
|
niakulah
|
Jul 5 2022, 03:43 PM
|
|
|
QUOTE(frogege @ Jul 5 2022, 12:08 PM) But why? Because from a high availability point of view, your ISP, dumb switch, and managed switch are all single points of failure. Unless you are just experimenting/labbing. |
|
|
|
|
|
aneip
|
Jul 5 2022, 10:04 PM
|
|
|
QUOTE(frogege @ Jul 5 2022, 11:52 AM) I see, so if I choose the 2nd option that you mention, where NAT happen, is it on PPPOE dialer or my pfsense itself? pfsense. There is no NAT at 1st router since it's public IP. |
|
|
|
|
|
TSfrogege P
|
Jul 14 2022, 11:25 AM
|
New Member
|
QUOTE(niakulah @ Jul 5 2022, 03:43 PM) But why? Because from a high availability point of view, your ISP, dumb switch, and managed switch are all single points of failure. Unless you are just experimenting/labbing. It just for my home lab. If I want to make HA point of view, what architecture its look like. |
|
|
|
|
|
niakulah
|
Jul 14 2022, 12:00 PM
|
|
|
QUOTE(frogege @ Jul 14 2022, 11:25 AM) It just for my home lab. If I want to make HA point of view, what architecture its look like. 1st result on Google for pfsense HA already gives you an example: https://docs.netgate.com/pfsense/en/latest/...ailability.htmlAnother way to do it would be to replace the 198.51.100.x segment in the example diagram with a private IP segment e.g. 10.10.10.x, then NAT your public IPs to the 2 FWs. |
|
|
|
|
|
TSfrogege P
|
Jul 14 2022, 02:29 PM
|
New Member
|
QUOTE(niakulah @ Jul 14 2022, 12:00 PM) 1st result on Google for pfsense HA already gives you an example: Another way to do it would be to replace the 198.51.100.x segment in the example diagram with a private IP segment e.g. 10.10.10.x, then NAT your public IPs to the 2 FWs. I see, but I don't quite understand with PPPoE connection. Since I only have 1 account right. How to configure it onto both pfsense. PPPoE connection is on WAN switch? or need configure on pfsense. Is that what you mean later will NAT tu public IP from pfsense.  |
|
|
|
|
|
niakulah
|
Jul 15 2022, 10:45 AM
|
|
|
QUOTE(frogege @ Jul 14 2022, 02:29 PM) I see, but I don't quite understand with PPPoE connection. Since I only have 1 account right. How to configure it onto both pfsense. PPPoE connection is on WAN switch? or need configure on pfsense. Is that what you mean later will NAT tu public IP from pfsense. If you see in the diagram, there is another equipment after the WAN switch before internet. This is usually a router/CPE. If using PPPoE it would be configured here. |
|
|
|
|
Quote
0.0219sec
0.64
5 queries
GZIP Disabled