IPsec Failover for Private LAN
Looking at creating a IPsec Tunnel through the internet as a fail over for a private Extended LAN. Each side has its own subnet. Can this be easily done in 1 PFSense box at each end or would it be easier to have 2 boxes at each end with 1 doing just the IPsec tunnel, and the other doing the routing?
cmb last edited by
Keep it all on one box. IPsec will have to be manually enabled to fail over (if tunnel mode). For automatic, must use transport mode +GRE/gif or OpenVPN, and a routing protocol.
Thanks for the information. Going to see if i can get it setup this week.
I was able to get it setup as a manual fail over and it works awesome. Pulled 8MB/Second(what windows sees) through the VPN tunnel through the internet, private extended Lan only hit 1MB/Second.