In this multiwan config supported?



  • I have a four port pfSense 2.2.4 box and hope that someone can please tell me if this config is supported

    WAN - 29 bit subnet
    LAN - 192.168.1.0/24
    OPT1 - 192.168.0.0/24

    One or Two IPsec client tunnels on pfsense itself with a failover from a primary IPsec tunnel for all LAN users, to a secondary.

    OPT1 - Failover from .20 to .21 on failure

    • a vendor VPN tunnel on 192.168.0.20 (remote end public exit IP eg 1.2.3.4)
    • a ipsec connection on 192.168.0.21 (remote end public exit IP eg 2.3.4.5)
    • a SSL VPN (SoftEther) on 192.168.0.22 as a backup / failover to the same ipsec server as .21 (remote end public exit IP 2.3.4.5)

    We have a vendor supplied tunnel device on 192.168.0.20 on OPT1 that we can't really control anything more than the listening IP.  It tunnels out to the US to a public IP. I have a RaspPi running Softether SSL (on .22) to provide a failover if the Great Firewall decides that its going to further mess withi ipsec.  I would like to put the .21 ipsec into pfsense and use that as the 1st failover if .20 is down (as .20 is faster)

    Can pfsense be configured so that all LAN traffic goes from LAN to multiple IPSec tunnels running on pfsense -> OPT1 ipsec (on .20) -> WAN with a failover to LAN -> Ipsec tunnel (.21), to a final failover to the SSL VPN (on .22) with the ultimate failover to all traffic going to the WAN if all tunnels are down?

    Thanks all


Log in to reply