Ipsec and sonicwall



  • Hi guys; I use pfsense 2.0 with this configuration:

    wan1------
              |--------loadbalancing --------->lan
    wan2------

    and I need to create a VPN between pfsense and sonicwall so that I can see my lan traffic under sonicwall and keep the loadbalancing working. In sonicwall I need to see my lan traffic so that I can apply proxy rules and check security-related problems.

    I've tried this config already, and using IPSEC in tunnel mode I can create the VPN for wan1 (every outgoing traffic for wan1 was seen from sonicwall, but not the wan2 traffic), but can't do it twice, for both wans, because in sonicwall I can't have another object to that network (or something like that, the sonicwall installer said to me, I haven't operated it). It seems the solution would be to use the transport mode, but in that case I had a problem in phase 2 negotiation, and could not make it complete the negotiation.

    My question is whether anyone thinks it is possible for me to keep loadbalancing and have all this traffic on a VPN using IPSEC?

    thanks in advance!



  • @srs:

    My question is whether anyone thinks it is possible for me to keep loadbalancing and have all this traffic on a VPN using IPSEC?

    It's been a while since I've looked at a Sonicwall firewall. If it has the ability for a failover (alternate) VPN IP address, then you could set a gateway group in pfSense and set the second WAN interface to Tier 2.

    That should work because both firewalls would monitor an IP for each failover.  I'm just not sure with Sonicwall, it's been a few years for me.

