• Hi! I would like to know if it is possible to implement this configuration in pfsense, that is working on a debian+shorewall firewall at the moment:

    I've a linux firewall with two wan gateway at each office site(two site). I've setup two openvpn (gateway to gateway) tunnel, the first goes through wan1<->wan1 and the other goes through wan2<->wan2. With policy routing i can decide which tunnel, hosts on both office internal lans, use to communicate with each others. Like when host1 from office1 try to ping (or something else) host2 on office2, the communications runs on the second tunnel wan2<->wan2 because the line is faster. But for the rest the first tunnel wan1<->wan1 is used.

    I would like to replace both firewalls with Pfsense, but i was unable to find some info on how to implement this configuration. And is it possible to do failover for the vpns, like if one line goes down at one of the office, all the communication start to flow on the active tunnel?

    Thanks a lot.