Split traffic between OpenVPN and 'clear net'



  • Let me begin by quickly itemising the hardware I have so we know what we're working with:

    • HP Procurve 2524 (24 port managed switch)

    • HP Proliant ML110 (Server with single ethernet port)

    • ZyWall USG 20 Firewall (1 WAN & 4 LAN ports)

    • Sky Hub SR102 for inbound internet (1 ADSL & 4 LAN ports)

    …and now onto the question which is more of an 'is it possible?' kind of question, rather than a 'Can you tell me how to...' one. Although I'm sure it may quickly turn into an appeal for walk-through help!  :)

    In short I want to split my internet traffic so half goes through an OpenVPN connection & half through what I'd call 'clear net' or 'normal internet', I'd like to not buy any more hardware as i'm sure it's possible to configure using the kit I have.

    I did see https://forum.pfsense.org/index.php?topic=72902.0 but it's not quite the same as what i want to do & I found I don't some of the setting it describes in my version on PF Sense, I'm running version 2.2.5-RELEASE-pfsense (amd64) on the server.

    I had an idea in my head that i could create sub nets or VLANS and easily split the traffic, this is how I envisaged it working.

    Internet
                        ¦
                        ¦
                  Sky Router
                        ¦
                        ¦
              ZyWall Firewall  <–----------------- Maybe not needed, I thought it might take the strain of PF sense if it ran the firewall instead?
                        ¦
                        ¦
      ML110 Server on PF Sense  <-------------- Here I'd split between OpenVPN and 'clear net' & send out of the same ethernet port split by vlan or subnet.
                        ¦
                        ¦
            Procurve Switch <----------------- I'd configure to handle the VLAN's or Sub Nets and route/assign to specific ports so I can plug my stuff in.
              ¦                ¦
              ¦                ¦
    Clear Net            OpenVPN
            ¦                      ¦
            ¦                      ¦
    Devices                Devices <-----------------  Being any internet enabled device in the house.

    It may be pretty obvious to most that I don't really know what I'm doing which is why I need your help and so I need to ask if it is possible to split the traffic like this or could you offer an alternative method please?

    Massive thanks in advance to anyone who offers their view! Really would be appreciated as I've been reading/playing for days and can't figure out exactly what I can/can't do.

    Cheers
    thepurpledongle



  • I've just bought this for the ML110: http://www.ebay.co.uk/itm/272073960382 (HP NC360T 412646-001 412651-001 PCI Express Dual Port Gigabit Server Adapter)

    …which I'm hoping is going to make the whole exercise easier now.

    would still appreciate comments though please, thanks.


Log in to reply