Firewall help: Site to Site connectivity and VPN/Internet failover. Possible switch to pfSense


We are trying to add a point-to-point connection into an existing network, while implementing a high available/failover solution for internet and VPN.

Current setup:

Main site: 2 load-balanced WAN ISP connections (Presently using a Netgear SRX5308) (192.168.1.X)

Second site: 1 WAN ISP connection (using ZyWall 35 UTM) (192.168.3.X)

We currently have IPSEC VPN between them.


* We have a Point to Point (PTP) radio link that we want to connect in so the PTP is the primary connection between the sites (it is faster). If the PTP goes down, we want to have failover to the VPN via the ISP WAN links

* If Either site's WAN internet connectivity fails, we would like to route internet traffic through the other site via the PTP

* (additional step: We also have an Asterisk PBX that presently exists on a separate router. We have multiple IP addresses for each ISP at the main location, can dedicate a public IP from each ISP for the PBX if needed, and would like to move the PBX to be within this failover configuration.)

Our main need is to do something similar to "Highly Available Site to Site Connectivity using Dynamic Routing and VPN" on p.2 of this document

[url removed, login to view]

Our current routers are low-end (SOHO) and only support RIP. If OSPF is required or you convince us we otherwise need different hardware for this, we are willing to purchase two pfSense boxes, but would need you to configure them for us. If you feel you can meet our needs with our existing routers, that's fine too.

Expected Deliverables:

1) Initial plan for network architecture to achieve the VPN connection between Sites and failover as described above, using either existing h/w or pfSense

2) Implementation and support until this high availability solution is working and is stable.

3) Documentation sufficient to allow company staff to reproduce the procedure successfully in the future for future sites.

Please only bid if you are an expert with similar configurations.

Thank you.

Skills: Linux, System Admin

See more: failover vpn pfsense, pfsense vpn failover, traffic to site, p.c. connection, network system architecture, low connectivity, location routing, internet radio architecture, dynamic p, 192 168.1.1, sonicwall firewall router, pfsense support, wan implementation, vpn site to site, vpn router, vpn ipsec, router switch, router configure, pfsense, pbx ip, Ospf, netgear, linux firewall, ipsec

Project ID: #4475815

Awarded to:


Details in PM

$250 USD in 102 days
(15 Reviews)

4 freelancers are bidding on average $227 for this job


Hi there, i am very interested to complete this project. please see my past reviews related to system administration lets complete this project

$257 USD in 5 days
(195 Reviews)

Cisco Certified Engineer, i can do this easy. no problem same hardware

$192 USD in 5 days
(0 Reviews)

May I help you. Details in PM

$209 USD in 3 days
(0 Reviews)

love this project, you gotta give this project to me.

$244 USD in 3 days
(0 Reviews)