I'd like to be able to terminate an IPSec tunnel against one of two different remote endpoints (failover links at the remote end). This ticket exists, but has notes to say that it might be done:
https://redmine.pfsense.org/issues/1965
Is it actually done and I can define a 'gateway group'? To be clear I don't want WAN interface failover at the pfsense end, but a way to bind to a second IPSec peer endpoint in case the first endpoint goes down.
Have other people achieved this goal? Seems like a pretty common thing to want to do when the remote end isn't set up with full BGP failover.
Cheers
Ari
https://redmine.pfsense.org/issues/1965
Is it actually done and I can define a 'gateway group'? To be clear I don't want WAN interface failover at the pfsense end, but a way to bind to a second IPSec peer endpoint in case the first endpoint goes down.
Have other people achieved this goal? Seems like a pretty common thing to want to do when the remote end isn't set up with full BGP failover.
Cheers
Ari