Deploying pfsense with OpenVPN client enforced/killswitch with backup redundancy



  • deploying pfsense with OpenVPN client enforced/killswitch with backup redundancy

    I’m looking for help.

    I basically have 2 vpn providers, I want to set pfsense so that OpenVPN is enforced on the first one (killswitch) so if it disconnect or cannot reconnect, all traffic/packets is forbidden and halted. And to add a secondary VPN to another server, so that if the main#1 doesnt work, it automatically tries to connect to the second one instead.

    Can anyone walk me through the settings for it? (I can find the openvpn settings for my provider fine) I just need instructions on the whole killswitch/failover hop to secondary part.

    Help would be GREATLY appreciated.



  • @demihalf

    What you are asking for is what Gateway Groups do. Under System >> Routing, configure a gateway group that includes your two VPN connections. Configure your primary VPN as Tier1 & secondary VPN as Tier 2. And configure the gateway trigger for member down. Then configure your routing policy rules to use the gateway group as the outbound gateway.

    No need for a walk through, just read up on these pfSense routing configuration items, that’s what they do.


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy