Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Configuring "the same tunnel" on two different wan interfaces.

    Routing and Multi WAN
    3
    4
    750
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Daniel-SP
      last edited by

      Hello,

      I'm current running PFsense 2.2.6 on a single Box (no CARP) with 2 WAN interfaces, each one from a different ISP, and I want to provide a failover IPSec tunnel option to my clients.
        My idea is to configure the same IpSec tunnel on each WAN interface, and keep both active, if my WAN-1 goes down, my client will try to use Tunnel on WAN-2.
        Is that possible? If not, Is there a way to do this with minimum manual intervention?

      Thanks, best regards.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        https://forum.pfsense.org/index.php?topic=58784.0

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • D
          Daniel-SP
          last edited by

          Hi Derelict,

          Thanks for your reply.
              I read the thread and I don't think this will help me.
              My clients don't have PFsense, actually I don't even know if they have multiwan,  and all messages asking about this failover method in the situation where the remote firewalls are not Pfsense didn't get any responses.
              Is there any other way around this?

          regards.

          1 Reply Last reply Reply Quote 0
          • dotdashD
            dotdash
            last edited by

            Not currently. You can create a parallel tunnel on the second wan and disable it for manual failover.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.