Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Possible to single PFsense + dual WAN + high availability IPSec site-to-site

    Scheduled Pinned Locked Moved IPsec
    3 Posts 3 Posters 947 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      a2940uw
      last edited by

      Please excuse my poor English, I have 2 site both with dual WAN link connection, and I would like to know it is possible to setup the site to site IPSec VPN between 2 location with high availability, for example once the primary VPN link is go down cause by the WAN link fault, the backup VPN link will bring up or change to traffic route though the backup link in each site with single PFsense firewall.

      1 Reply Last reply Reply Quote 0
      • G
        georgeman
        last edited by

        You can do this with gateway groups and dynamic DNS, but it is not very reliable.

        The best way to do it is to set up GRE tunnels over IPsec transport mode, with OSPF on top of it to handle the routing.

        If it ain't broke, you haven't tampered enough with it

        S 1 Reply Last reply Reply Quote 0
        • S
          Senito @georgeman
          last edited by Senito

          This post is deleted!
          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.