VPN link as "WAN" interface/default route?



  • I need to have a firewall that will recognize, for routing purposes, two WAN links.
    One actual WAN link provided by the ISP, with DHCP and NAT,
    one logical WAN link with fixed, public IP address, routed via VPN to the actual internet gateway, whereby the transport uses the actual, ISP provided WAN interface.

    I then need policy based routing, or at least a (transparent?) web/ftp proxy that uses the actual WAN link for outgoing traffic, while just about anything else is supposed to routed over the logical WAN link that uses a VPN as transport.

    In addition to that VPN link that serves as default route, there will be a four more VPN links that are private.

    Is such a setup supported in either pfSense 1.2.x or 2.0.x? I don't seem to find the relevant answers browsing that site, and if I wanted to test it, I'd first have to buy some hardware, so I'd rather avoid the chance of making that investment just to figure out that it doesn't work…

    Ronald


Log in to reply