4. BGP and IPSec Backup

BGP and IPSec Backup

  • C

    Hi all,

    Im hoping someone can help me out with a issue I'm having between a Watchguard and pfSense.

    I have a Watchguard at a branch office site and a pfSense at our another branch office.

    We have a private point-to-point line between the two devices.

    I run BGP across this private link and all can communicate as expected.

    I would like to have a failback IPSec VPN so that if the private line fails communications can continue, however as soon as I bring the IPSec VPN up on the pfSense the private link breaks.  It appears that the IPSec route is taking preference on the pfSense.  Watchguard has an option that fixes this labelled "Enable the use of non-default (static or dynamic) routes to determine if IPSec is used".  I have also tried amending the BGP route preferences however no luck.

    Can anyone advise how to achieve the same on pfSense?  I am unable to use OpenVPN as Watchguard does not support this.

    Thanks in advance!
    Chris

    0

  • If IPSec matches the traffic, it will grab it before it hits the routing table. I don't think there is a work-around.

    0
  • C

    Ahh shame! Thought that was the issue. I'll have to replace the pfSense with a Watchguard then.

    Thanks
    Chris

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy