Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dual Wan setup with OpenVPN as client

    Routing and Multi WAN
    2
    5
    2.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      markdueck
      last edited by

      I have a setup that I'd like to do, but am stuck on how to get it started.  I have 2 internet connections.  I want to route all internet traffic over one of these routes through a vpn connection, but I want that connection to fail over to just the wan1 side if the vpn goes down.

      I already get vpn connected as a client, running it from commandline, and my pinging from the pfsense box is routed through that, but on my lan I can't browse cuz pfsense does not know to route that traffic to the new vpn connection?

      Is there a simple way to do this?  I would think that it should not be too hard to balance the VPN and the wan2 connection.  If it's a nightmare to then also have the vpn fail over to wan1 if vpn goes down, I'll just have to work without that..

      Can someone help me with this?  if more clarification is needed, I'll try to do a picture..

      Thanks,
      Mark

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        http://pfsense.blogspot.com/
        second post (on 12.8.07)

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • M
          markdueck
          last edited by

          Thanks for the quick post, but the blog you refered to is not exactly what I need.

          I want to setup the openvpn as a client in my pfsense box, routing all the internet connections over the vpn, not over wan.  If there's anyway I can make the tun0 adapter show up as an interface under opt wan, that's all I need.  Then I can figure out how to do the fail over and load balancing.

          Thanks.

          1 Reply Last reply Reply Quote 0
          • GruensFroeschliG
            GruensFroeschli
            last edited by

            do you have access to the server-side of your tunnel?
            i'm not sure if that works with pfSense but it should:

            add something like this to your server-config
            push "redirect-gateway def1"
            push "dhcp-option DNS x.x.x.x"

            that changes the routing table so that everything goes over the VPN.
            now if the VPN goes down the OpenVPN client should restore the routing table back to it's original state.

            We do what we must, because we can.

            Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

            1 Reply Last reply Reply Quote 0
            • M
              markdueck
              last edited by

              This is working already.  I'm paying for a VPN service because my ISP is blocking services.  The internet works fine with the VPN service, but once I'm connected to the VPN, do the routes not need to be changed, so that pfsense does not try to still route internet over the wan interface?  How can I tell PFSense to now route over the tun adapter instead of the opt nic..

              Thanks.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post