pfSense Gold Subscription

Author Topic: Dual WAN + Dual OpenVPN Clients + Load Balancing (extra speed)  (Read 240 times)

0 Members and 1 Guest are viewing this topic.

Offline MikeHunt

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Dual WAN + Dual OpenVPN Clients + Load Balancing (extra speed)
« on: September 12, 2017, 04:11:57 pm »
I have two connections which are ~50Mbps each, I want to run a privacy VPN over each of them and then load balance them (via groups) so I get ~100Mbps.

I've managed to get load balancing to work without the VPN and VPN working with only 1 WAN, but getting load balancing to work with a openvpn for each wan doesn't seem to work as whatismyipaddress still displays my regular IP addresses.

I've noticed there is only one OpenVPN interface, is this the problem? Is what I want to do even possible?

Any help would be greatly appreciated  :)

Offline heper

  • Hero Member
  • *****
  • Posts: 2688
  • Karma: +253/-11
    • View Profile
Re: Dual WAN + Dual OpenVPN Clients + Load Balancing (extra speed)
« Reply #1 on: September 14, 2017, 02:54:58 am »
you'd need to assign interfaces to the 2 openvpn instances ...
(don't forget to add rules afterwards)

also: loadbalancing doesn't increase speed for a single session/stream.
some speedtest sites (like speedtest.net) will open multiple streams to show you the accumulated speed of both wans/vpns

Offline MikeHunt

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: Dual WAN + Dual OpenVPN Clients + Load Balancing (extra speed)
« Reply #2 on: September 14, 2017, 07:23:11 am »
Thanks for help, I just wanted extra connection to boost large multi-session downloads, Steam, torrent etc.

I managed to get it all working, for anyone else who is in this position:

1) Follow the PIA guide on how to setup Pfsense for VPN.

2) Make a copy of the VPN so you have one for each connection (in my case two), make sure each one is set to face the corresponding WAN.

3) Assign each VPN to an interface.

4) Under Firewall NAT Outbound where you created rules from PIA guide, you need to duplicate all of them and set the duplicates to the second WAN (if you have more than two connections you'll need a 3rd set of duplicates etc.)

5) Under gateways add one for each VPN interface.

6) Under gateway groups add one with all the VPN gateways you just created with Tiers set to 1 (if you want load balancing like I do).

7) Under Firewall Rules LAN set the IPv4 LAN any rules gateway (under Display Advanced section) to the gateway group you just created, for privacy VPN's it's recommened to disable IPv6, so I set that one to block instead, however if you need this also it to that gateway.

8 ) Reboot Pfsense and check your IP at whatismyipaddress, refresh a few times to double check.
« Last Edit: September 14, 2017, 07:27:09 am by MikeHunt »