2 Wan - 1 for VPN's 1 for Internet

cconk01

Hello all,
I just setup my first pfsense, got a cupple vlans going and what not. Currently I have 3 site to site vpns setup. I would like to put the pfsense box in place of one of the netgear firewalls and start using it. Thing is, I have one PPPOE (dsl) connection and one dhcp (cable) connection. How can i setup the pfsense box to have the vpns travel across the dsl only, and have the internet trafic flow across the cable connection?

I am running 1.2 RC4.
WAN is PPPOE - Dynamic
Opt 1 is DHCP - Dynamic

Thanks in advance,
Peter

PS: I look forward to playing around with this firewall :-)

hoba

When creating the tunnel you can assign the interface that the tunnel gets terminated on. however this won't work reliably with dynamic endpoints. Depending on the opposite end of the tunnel this might work when using dyndns or if the opposite end is static. For the internet on opt1 traffic this is pretty simple. just create a firewallrule at firewall>rules, opt1:

pass, any protocol, any source, any destination, gateway opt1

That's basically it. However to not route the subnets behind the vpn tunnels directly to the opt1 gateway before it can hit the ipsec deamon create a firewall rule above that one rule like:

pass, any protocol, any source, destination <vpn subnets="">, gateway default.

Basically that's it.</vpn>

cconk01

So dyndns accounts will not work? essentially what i have right now are all using dyndns accounts. Why will this cause problems?

hoba

It's not designed that way yet. Search the forum if you need further details. This has been discussed in depth already. When using dynamic endpoints at both ends try using openVPN.