Configure VPN / IPSec with a routed public IP
I am wondering if this is possible with pfSense. See the attached diagram where I've tried to illustrate that I want to create an IPsec tunnel between two pfSense routers. Router 1 has the public IP 188.8.131.52 and local LAN 192.168.100.0/24 which wants access to the remote LAN 192.168.200.0/24 on Router 2.
Router 2 has two ISP connections for redundancy with IP 184.108.40.206 and 220.127.116.11. Router 2 has been provided with a public IP range of 18.104.22.168/29. ISP 1 and ISP 2 are configured to route the 22.214.171.124/29 range to Router 2 with the help of BGP for redundancy to work. BGP is not part of this scope or question.
To avoid the IPsec tunnel going down in case the primary ISP link (ISP 1 with 126.96.36.199) goes down, I want to avoid using 188.8.131.52 and 184.108.40.206 for the IPsec peer. Instead, I want to use one of the routed IPs in the 220.127.116.11/29 range, for instance 18.104.22.168. In case pfSense needs to terminate an IPsec tunnel with an interface, I have drawn in an optional VLAN 10 and assigned 22.214.171.124/32 to that interface to possibly solve that issue.
Is it at all possible to achieve this? I was thinking of trying to configure it in a lab to test it out, but was curious to hear if it could be done.
Thanks for reading and I look forward to any tips.