Netgate Discussion Forum

    IPSec and gateway groups

      streamholder

      Hello,

      I understand that pfSense has no support for automatically dropping and reconnecting an IPSec tunnel configured on a gateway group if the current gateway reaches the Trigger Level for the set type. I.e. if I have an IPSec tunnel over a gateway group with GW_A (Tier 1) and GW_B (Tier 2) with Trigger Level set to high latency, IPSec will keep using GW_A even if the high latency event is triggered.

      While we wait for Netgate (assuming they'll ever fix this), I want to implement the functionality in a cron script, since clients keep calling me to say that the Internet works but they have trouble connecting to their SaaS provider. The idea is to extract the gateway group information, "manually" check in the script whether something's wrong with any of the gateways, and if that's the case, move those gateways to a low tier while moving the good ones up.
      I know this sucks, but it sucks less than broken connectivity. :)
      Can anyone help me with extracting and rewriting configuration? Is there any documentation for that?

      Thanks!

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.