PFsense failover wan

I’m setting up a TL-MR6400 router with a SIM card as a failover on PFSense, with a “pay what you use” 4G SIMcard in it.

Here is the question :
When setting up a PPPOE WAN in PFSense you can select “dail on demand”, so it only establishes this WAN connection when it’s actually needed (when it actually fails over essentially).

The problem is, that the TL-MR6400 is not PPPOE, it can only be set to “bridged” (because we don’t want double NAT, of course), so it transparently offers the WAN IP of the cable ISP as a DHCP IP to the PFSense port …

… and this type of WAN (DHCP) doesn’t seem to have this “dail on demand” function, or somethins similar.

Is there a way to do this ?
maybe with a firewall rule, or some other option ?

The reason is : when the main WAN is up (= no failover), it doesn’t need to make any connection to the failover WAN, because it’s just wasting data (and money because it’s “pay what you use”) for nothing (just for checking “are you still there, are you ok ?”, which it does constantly, as I can see in the traffic graphs …

It should only establish the second (failover) WAN connection when it’s actually needed (on actual failover).

Is there a way to basically shut it up, unless it’s actually needed for failover ?


I am not really sure as I have no clients using PPOE to do any testing with, If no one else here has an answer this question might have to be asked over in the pfsense forums.

I don’t get your answer …

My question is NOT about PPPOE … it’s just the opposite …

PPPOE has this feature, but other WAN’s don’t …

Sorry, I misread that. When setting up a WAN to be a fail over you set the tiers so there is a priority to the WAN you want to be primary. So no data should go out over the secondary unless the primary fails.

this is exactly the problem …

I have configured PFSense for “Failover” from Telenet ISP to Scarlet ISP.
but why is there still traffic on Scarlet ISP when Telenet ISP is perfectly online ?

look :

According to you (and to all common sense) it should be zero when there is no “fail-over” going on …

Have I done something wrong ?

I followed your video

these are my settings :



And I have sent the LAN gateway to the “failover” group …

Did I forget something ?
Did I do something wrong ?


Looks correct, here is a setup we have for a client, but you can see there is still a very small amount of traffic on the backup.

The traffic is caused by the gateway monitoring which if you want can be disabled here. Hope that helps

1 Like

aha !
I’ll give that a try first …
I’ll keep you (and the rest of the forum readers) posted !

(maybe someone else having this same problem can make good use of this conversation also - which is why you set up the forum after all … awesome !)


Hi Pascal, it would be interesting to know if you came right with your situation?

I dumped the SIM modem and got a DSL modem instead to do the failover …
the SIM account was too expensive (DSL much cheaper and unlimited, so not having to monitor the traffic anymore) …

Okay great, thanks for your response.