Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Assign Interface at the CLI/Script

    General pfSense Questions
    2
    5
    466
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jukebox
      last edited by

      Hi All,

      Appreciate that i am new here and was hoping for some help with something that has been bugging me for some time, all help much appreciated.

      I'm new here but have been using pfSense for quite a few years at home and in production environments. I use a VPN provider at home and have everything setup perfectly except one point. I have 3 separate VPN client tunnels setup and wish to regularly rotate amongst them, at the moment i achieve this by changing my VPN Interface assignment to the next OVPN Port on the list then restarting the OVPN service, this works but i was looking to write something to automate it via a script/cron job. No issues with the scripting of the OVPN service restart but i cannot find anyway of non-interactively assigning a port to an interface. Is anyone able to enlighten me with regards to this please?

      P.s. Version is latest - 2.4.2-RELEASE-p1

      Thanks In Advance
      Jamie

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        That sounds like a very โ€ฆ inefficient ... way to get that done.

        Why do you need to reassign the interface? Configure and assign all three and then use a gateway group with all of them to designate which one(s) to use at any given time. You can even load balance across them so connections can use them all.

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • J
          jukebox
          last edited by

          Thanks Jimp, never thought of that, will give it a go and report back. Many thanks for the assist.

          1 Reply Last reply Reply Quote 0
          • J
            jukebox
            last edited by

            So just gave this a whirl and just wanted to make sure i've not missed anything:

            1. Rename VPN interface to VPN1.
            2. Assign VPN Ports 2 & 3 to VPN2 & VPN3 Interfaces.
            3. Configure all 3 GW Monitor IP's to external ones.
            4. Add all three to a GW Group assigning them all to Tier1 (thus should Load Balance them then?).
            5. Update relevant FW rules to use the GW Group instead of the original one.
            6. Added additional Outboud NAT rules for the additional 2 VPN interfaces.
            7. Enable Sticky connections (not sure whether this is 100% required but from reading the description it seemed like a good idea).

            Again guys, the help is much appreciated.

            1 Reply Last reply Reply Quote 0
            • jimpJ
              jimp Rebel Alliance Developer Netgate
              last edited by

              1-3 Yes
              4 - Yes, all on the same tier will load balance connections
              5-6 Yes
              7 That's up to you, that may make the balancing a bit lopsided if you have certain heavy use clients but it's the best way to ensure multiple connections flow consistently.

              Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.