Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Development and Code Review
(Moderator:
fabian
) »
IPSEC Failover Management plugin?
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPSEC Failover Management plugin? (Read 2681 times)
kapara
Jr. Member
Posts: 97
Karma: 3
IPSEC Failover Management plugin?
«
on:
March 12, 2020, 07:37:12 pm »
I would be really interested in finding someone that could develop a VPN failover control solution possibly as a plugin.
It does not make sense why this cannot be an easy solution.
What I envision is as follows:
The ability for 2 firewalls to communicate with each other over ssl/https to each other over a single or dual wan setup.
It will allow the sharing of information as to which WAN connections are up to allow each firewall to determine which IPSEC tunnel to disable or enable based on defined criteria.
For Example:
Site A has a single Static WAN
Site B has 2 single static WAN in Failover
Both sites have 2 (P1 and P2) IPsec configurations so that VPN can work across all WAN interfaces.
Depending on which interface is up or down the 2 firewalls will communicate this info and based on the info will disable or enable the respective tunnel. This can also be weighted so when a primary WAN comes back up it will fail the tunnel back over.
If I do not see any interest in this I will try my luck on upwork but it would be great to see if anyone else is interested and find someone to build this out as it is a feature that is available in pretty much every other firewall solution.
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: IPSEC Failover Management plugin?
«
Reply #1 on:
March 12, 2020, 09:46:40 pm »
It will be hacky with IPsec, also all commercial vendors with these one click solutions drive a hackery inside.
Just use OpenVPN which will achieve this out of the box
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
kapara
Jr. Member
Posts: 97
Karma: 3
Re: IPSEC Failover Management plugin?
«
Reply #2 on:
March 17, 2020, 05:07:16 pm »
Regretfully some of my customers can only support IPSEC and also I have seen worse performance in OpenVPN over IPSEC.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Development and Code Review
(Moderator:
fabian
) »
IPSEC Failover Management plugin?