Failover IPSec with two ISP
-
Dear Pfsense members,
Thank you for all your effort to create pfsense.
I'd like to make failover IPSec with two ISP. When one of the IPS's disconnet I'd like use the IPSec tunnel on another IPS from LAN.LAN
|
PFSENSE
WAN OPT1
| |
ISP1 ISP2
| |
INTERNET
|
ISP3
|
PFSENSE (awaiting mobile clients IPSEC)Above method is best because I make it only with one pfsense at LAN but I don't thik it will be possible because as I know IPSec tunnelling can be made only at WAN interface. If it is impossible, then can it be possible with two pfsense?
LAN
|
–---------------------
| |
PFSENSE PFSENSE
WAN OPT1 OPT1 WAN
| +----------+ |
| |
ISP1 ISP2
| |
INTERNET
|
ISP3
|
PFSENSE (awaiting mobile clients IPSEC)I will use tunnel on ISP1 and when ISP1 disconnet I'd like use the tunnel on ISP2 automatically without faill. I think it can be possible with Carp or failover IPSec (I foud it on IPSec configureation page on pfsense) but I don't know how I make it. It will help me if you give me the way in detail. Thank you.
-
See http://forum.pfsense.org/index.php?topic=1580.0 for a similiar scenario.