I’m moving my organization into using HA on our core firewall, which means new firewalls. Part of this requirement for pfsense HA is to have a switch between your upstream router and your firewall so that the two pfsense boxes can talk to each other over their WAN IP’s to determine if they are still up or not.
This requirement is only for one box, however I don’t want to introduce another single point of failure so I want two redundant WAN switches.
Does anyone have suggestions for this application? It seems like managed switches can cause complications, but if you mitigate certain multicast controls it’s not an issue. It would be better if I could remotely access these switches if there is an issue. These switches would only require a handful of ports so low port count is fine. Ideally I’d also like to see if I could find half-width switches so I could place both WAN switches in the same 1U slot in the rack.
I’m guessing I’m not the first to setup pfsense HA with failover WAN switches, if you have what have you bought?