Round-Robin or Selective MultiWAN Using OpenVPN?



  • Okay, so here's the idea I've been trying to figure out for a while now, and haven't had much luck. Like a lot of people, I use PrivateInternetAccess for my VPN provider, and I have one of their endpoints set as the exit node through my network (LAN Firewall rule blah blah, you've seen how that's setup before).

    Now, what I'd like to do, is get ALL of their VPN endpoints setup in my pfSense firewall, ALL of them connected, and then set them up as routing groups or individual routing points. The idea would be that if I'm trying to access bbc.co.uk, it takes the London or South Hampton endpoint. Anything US based, round-robin from the group of US endpoints. So on and so forth.

    Is this a farfetched idea? Basically, when a connection comes through the router, a geoiplookup is done to see where the hell it is, and it takes the closest gateway.


  • Rebel Alliance Developer Netgate

    Having multiple VPNs assigned is fine, and doing the policy routing works as well. Your problem lies in the "geoiplookup" requirement. You might be able to use pfBlocker country lists to aid in that, but there isn't a way to do such a lookup dynamically.

    In order to policy route you have to be able to match the traffic in a firewall rule, which can't wait on an IP lookup from an external database.