Dual Internet Connections

Started by spetrillo, September 14, 2021, 06:44:32 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 14, 2021, 06:44:32 PM
Hello all,

I currently am running OPNsense 21.7 on my Protectli firewall device. It is supporting my residential FIOS services. I am considering bringing in a FIOS Business connection and wanted to know if OPNsense/firewall could support two independent Internet services? Has anyone pulled this off?

Thanks,
Steve
September 15, 2021, 11:08:28 AM #1
Yes it works.

Load balancing or failover, you decide.

I'm running failover to LTE and it works so good that there even was one time I didnt notice that a failover had occured until I realised my bandwidth was lower than it's supposed to.

See here for more information:
https://docs.opnsense.org/manual/how-tos/multiwan.html
2x 25.1.9 VMs & CARP, 4x 2.1GHz, 8GB
Cisco L3 switch, ESXi, VDS, vmxnet3
DoT, Chrony, HAProxy + NAXSI, Suricata
VPN: IPSec, OpenVPN, Wireguard
MultiWAN: Fiber 500/500Mbit dual stack + 4G failover

--
Available for private support.
Did my answer help you? Feel free to click [applaud] to the left
September 16, 2021, 03:50:26 AM #2
I am actually not looking for failover or load balancing. One Internet connection is for my family and the second one is for my business. I just want to use one firewall to manage both connections. Can this work also?
September 16, 2021, 11:58:48 AM #3
Quote from: spetrillo on September 16, 2021, 03:50:26 AM
I am actually not looking for failover or load balancing. One Internet connection is for my family and the second one is for my business. I just want to use one firewall to manage both connections. Can this work also?

Yes, that can be solved.
2x 25.1.9 VMs & CARP, 4x 2.1GHz, 8GB
Cisco L3 switch, ESXi, VDS, vmxnet3
DoT, Chrony, HAProxy + NAXSI, Suricata
VPN: IPSec, OpenVPN, Wireguard
MultiWAN: Fiber 500/500Mbit dual stack + 4G failover

--
Available for private support.
Did my answer help you? Feel free to click [applaud] to the left
September 16, 2021, 07:03:17 PM #4
Thanks for that confirmation. I am waiting on some PCIe network cards to come in, so I can re-configure my current firewall. This could be an interesting solution.
September 16, 2021, 08:01:10 PM #5
Quote from: sorano on September 15, 2021, 11:08:28 AM
Load balancing or failover, you decide.
No need to decide, it can do both simultaneously. One can load balance and if one line dies it keeps using the working one as a failover.

Quote from: sorano on September 15, 2021, 11:08:28 AM
I'm running failover to LTE and it works so good that there even was one time I didnt notice that a failover had occured until I realised my bandwidth was lower than it's supposed to.
You failed to set up mail notifications, otherwise you would have noticed.

Quote from: spetrillo on September 16, 2021, 07:03:17 PM
Thanks for that confirmation. I am waiting on some PCIe network cards to come in, so I can re-configure my current firewall. This could be an interesting solution.
In each of your firewall rules, you can choose a gateway for e.g. a LAN source IP. So, no problem to use one (or more) dedicated WAN lines for different internal networks or IPs.
Print
Go Up Pages1
User actions