OPNsense Forum

Archive => 16.7 Legacy Series => Topic started by: penley on October 11, 2017, 07:15:15 pm

Title: Routing vpn users coming in one gateway out a different gateway
Post by: penley on October 11, 2017, 07:15:15 pm

If you have an opnsense setup with two gateways (with two different ISP's) is there a way to route traffic coming in one gateway through the other gateway?
For example if vpn came in on gateway one is it possible to route any traffic coming back to that vpn user through gateway two?


Kind regards,
penley

Title: Re: Routing vpn users coming in one gateway out a different gateway
Post by: franco on October 12, 2017, 07:32:15 pm

If you are using Multi-WAN and want to flip flop, that's very hard. If you use VPN incoming in one WAN it's easy to move outgoing (terminated) VPN traffic out the other gateway.

The problem is that if the encrypted tunnel traffic is decrypted there is no way to know where it came from.


Cheers,
Franco

Title: Re: Routing vpn users coming in one gateway out a different gateway
Post by: franco on October 12, 2017, 07:32:56 pm

Well that's not entirely true, but you would have to map VPN subnets or IPs to gateways, you could use aliases for this...

Title: Re: Routing vpn users coming in one gateway out a different gateway
Post by: penley on November 02, 2017, 04:41:27 pm

Thank you so much @franco! I'll research some more on this as well.