Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPsec Failover for Private LAN

    Scheduled Pinned Locked Moved IPsec
    4 Posts 2 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jammcla
      last edited by

      Looking at creating a IPsec Tunnel through the internet as a fail over for a private Extended LAN.  Each side has its own subnet.  Can this be easily done in 1 PFSense box at each end or would it be easier to have 2 boxes at each end with 1 doing just the IPsec tunnel, and the other doing the routing?

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        Keep it all on one box. IPsec will have to be manually enabled to fail over (if tunnel mode). For automatic, must use transport mode +GRE/gif or OpenVPN, and a routing protocol.

        1 Reply Last reply Reply Quote 0
        • J
          jammcla
          last edited by

          Thanks for the information.  Going to see if i can get it setup this week.

          1 Reply Last reply Reply Quote 0
          • J
            jammcla
            last edited by

            I was able to get it setup as a manual fail over and it works awesome.  Pulled 8MB/Second(what windows sees) through the VPN tunnel through the internet, private extended Lan only hit 1MB/Second.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.