4. pfSense IPSec VPN to non-pfSense with dual peer

pfSense IPSec VPN to non-pfSense with dual peer

  • C

    We have VPNs to 2 separate vendors that are not using pfSense, but they have two IPs that they want us to add for their VPN in our pfSense for failover.
    I can't find any way to accomplish this in our pfSense. Is it even possible?

    We are using pfSense version 2.4.4

    0
  • Rebel Alliance Developer Netgate

    Not easily. You can make a VPN to a hostname, and if the remote peer can update the hostname when a failover happens, that can trigger a failover.

    There isn't a way to use both peers at once at the moment though, not with tunneled IPsec.

    With routed IPsec (VTI) you could nail up a tunnel to both peer addresses and use a routing protocol like OSPF or BGP to decide when to fail over.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy