Can pfSense bond WANs at layer 2 (using a remote box)?
-
In Zeroshell one can use multiple VPNs to a remote box to bond WANs at layer 2. See http://www.zeroshell.org/load-balancing-failover/. Can a similar thing be achieved using two pfSense 2.1 boxes, and if so, how? I'm not too much interested in a speed increase, but I'd like to have one external IP (the remote box) and keep sessions working when either connection fails with minimal interruption. I'm afraid that OpenVPN failover and routing all traffic over the VPN won't suffice.
-
That kind of bonding isn't possible currently.
What you're after should be OK to do if you have the local firewall do NAT on the VPN interface as it leaves, to the OpenVPN tunnel IP, and then just use a standard gateway failover to move the traffic from one tunnel to the other if it goes down. You'll have to assign the OpenVPN interfaces for the gateways to appear.