Configuring "the same tunnel" on two different wan interfaces.

Daniel-SP · Mar 29, 2016, 9:29 PM

Hello,

I'm current running PFsense 2.2.6 on a single Box (no CARP) with 2 WAN interfaces, each one from a different ISP, and I want to provide a failover IPSec tunnel option to my clients.
My idea is to configure the same IpSec tunnel on each WAN interface, and keep both active, if my WAN-1 goes down, my client will try to use Tunnel on WAN-2.
Is that possible? If not, Is there a way to do this with minimum manual intervention?

Thanks, best regards.

Derelict · Mar 29, 2016, 9:39 PM

https://forum.pfsense.org/index.php?topic=58784.0

Daniel-SP · Mar 30, 2016, 9:34 PM

Hi Derelict,

Thanks for your reply.
I read the thread and I don't think this will help me.
My clients don't have PFsense, actually I don't even know if they have multiwan, and all messages asking about this failover method in the situation where the remote firewalls are not Pfsense didn't get any responses.
Is there any other way around this?

regards.

dotdash · Mar 30, 2016, 9:45 PM

Not currently. You can create a parallel tunnel on the second wan and disable it for manual failover.