pfSense 2.2.5 - Redundancy with IPSEC



  • Good afternoon people,

    Environment:
    Company X - pfSense 2.2.4
    Branch Company X - pfSense 2.2.5

    Obs .: Each pfSense has two WAN IP FIXED interfaces , already working with IPSEC VPN point to point.

    To create redundancy , I tried to leave two VPNs with IPSEC configured in two different WAN interfaces , but the same problem presented route .
    I also tried to create a DDNS to register the IP that is coming out and let set in IPSEC , but took enough to change the DDNS IP and VPN rise.

    I wonder if there is another way to configure the VPN redundancy using IPSEC ?

    This is my first topic , if I did something wrong let me know.

    Thank you very much in advance.



  • I don't know if this helps you but we are doing ipsec redundancy with a CARP Cluster on each side and we bind the IPSEC Tunnel to the CARP VIP so if one system goes down the other system automatically kicks in and rebuilds the Tunnel. This obviously works only if you own continous IP Subnets on WAN Interfaces (we are using a dual LWL WAN Connection from Provider A which also provides the Copper SDSL Backup Connection to our datacenter over Provider B) so they move ove the IP Network from their side to the Backup connection). Not shure if this is possible on your side. Hope thhis helps anyways.


Log in to reply