Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Failover IPSec with two ISP

    IPsec
    2
    2
    3.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sbyoon
      last edited by

      Dear Pfsense members,

      Thank you for all your effort to create pfsense.
      I'd like to make failover IPSec with two ISP. When one of the IPS's disconnet I'd like use the IPSec tunnel on another IPS from LAN.

      LAN
              |
        PFSENSE
      WAN    OPT1
      |              |
      ISP1      ISP2
      |            |
      INTERNET
            |
          ISP3
              |
        PFSENSE (awaiting mobile clients IPSEC)

      Above method is best because I make it only with one pfsense at LAN but I don't thik it will be possible because as I know IPSec tunnelling can be made only at WAN interface. If it is impossible, then can it be possible with two pfsense?

      LAN
                  |
          –--------------------- 
          |                      |
      PFSENSE          PFSENSE
      WAN  OPT1    OPT1  WAN
        |        +----------+      |
        |                              |
        ISP1                        ISP2
            |                            |
                    INTERNET
                        |
                      ISP3
                        |
                    PFSENSE (awaiting mobile clients IPSEC)

      I will use tunnel on ISP1 and when ISP1 disconnet I'd like use the tunnel on ISP2 automatically without faill. I think it can be possible with Carp or failover IPSec (I foud it on IPSec configureation page on pfsense) but I don't know how I make it. It will help me if you give me the way in detail. Thank you.

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        See http://forum.pfsense.org/index.php?topic=1580.0 for a similiar scenario.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.