Configure VPN / IPSec with a routed public IP

  • Hi
    I am wondering if this is possible with pfSense. See the attached diagram where I've tried to illustrate that I want to create an IPsec tunnel between two pfSense routers. Router 1 has the public IP and local LAN which wants access to the remote LAN /24 on Router 2.

    Router 2 has two ISP connections for redundancy with IP and Router 2 has been provided with a public IP range of ISP 1 and ISP 2 is configured to route the range to Router 2 with the help of BGP for redundancy to work. BGP is not part of this scope or question.

    To avoid the IPsec tunnel going down in case the primary ISP link (ISP 1 with I want to avoid using and for the IPsec peer. Instead I want to use one of the routed IPs in the range. For instance In case pfSense needs to terminate an IPsec tunnel with an interface I have drawn in an optional VLAN 10 and assigned to that interface to possibly solve that issue.

    Is it at all possible to achieve this? I was thinking of trying to configure it in a lab to test it out, but was curious to hear if it could be done.

    Thanks for reading and I look forward to any tips.

