Multiple wan, multiple IPSEC connections
Has anyone ever tried placing multiple IPSEC connections on multiple WAN links? I'm trying to figure out if what I'm doing is going to be stable in the long run, or if I'm doing something crazy….
Here's the short version:
P4 box, 1GB RAM, various network cards, 6 total
pfsense WAN has IPSEC 1
pfsense OPT3 has IPSEC 2
IPSEC 1 is cisco pix
IPSEC 2 is pfsense
the biggest problem I'm having right now is IPSEC 1 is dropping, or rather, not re-connecting after key lifetime is up. I just reset key lifetime on both phases to 3600 from 86400 to see if if that will help.
The goal is to have failover of the IPSEC connections.
There will be more IPSEC connections coming online in the coming months, so I have to pull the trigger by the end of this month.