Route Internet Traffic over S2S VPN
I've got a S2S VPN between 2 PFSense boxes, which each have their own internet connections via PPPoE.
I want to be able to route all traffic from site B through the external internet connection of Site A - however, no matter what I do (I've even installed 2 vyos routers to route 0.0.0.0/0 via Site A) the PFSense box at Site B still routes the traffic out of its local PPPoE connection.
Is it possible to stop this behaviour and route internet traffic through the VPN and out of Site A?
Use OpenVPN for that. If you REALLY want to use IPsec, use a VTI.
Thanks @Derelict ,
I've reconfigured both ends as a VTI now, and I can route between the two ends just fine, however, when the traffic from site b hits the PFSense box - its routing it out of its local PPPoE connection.
I think the issue is that because the IPSec Interface is virtual - I can't connect any other device to it - so I naturally have to send all traffic through another interface, on the PFSense box in order to hop over to the IPSec interface - and it defaults it out the PPPoE connection.
Any other ideas? Could I bridge the 'physical' (vmnet3) interface with the IPsec Interface?
No bridge. Policy route your internet traffic out the VTI.
Just like any other "VPN as WAN" solution like OpenVPN.
You will need to NAT for the source addresses on the side that has the internet WAN being used.
Perfect works a treat, thank you @Derelict