VPN + Ubiquiti Radios

I have 2 sites. Both have pfSense, and a VPN is connecting them.

Additionally, I have 2 Ubiquiti radios between the two sites. They are currently on their own isolated network.

I also have a Ubiquiti switch on either side of the Ubiquiti radios, so I can trunk VLANs across and break them out on either side.

Here is what’s going on:

  • VLAN defined in pfSense on both sides (1 side has the DHCP server, or no DHCP Server at all)…this may be a native network in pfSense on a specific interface but “become” a VLAN via the Ubiquiti switch on either side…
  • Specified traffic allowed to pass to this network from other networks on both sides, as needed, via pfSense
  • Other traffic, that does not involve pfSense, will go from one side to the other as well, either by a different VLAN or the same

NOW…the holy grail. For some traffic, IF the Ubiquiti radio link goes down, I want to send via the VPN. OR vice versa. What happens if a network is bridged via pfSense on both sides, but also has a path via the Ubiquiti radios? So, bridged two ways, if you will? Or am I overlooking a better solution?

Please note that I want the Ubiquiti radios straight into the Ubiquiti switch on both sides directly; I don’t want the traffic to always have to go through pfSense first, as I am trying to have 2 separate paths which do not include the same points of failure (except the switches, of course).

There are a bunch of other complications I will not go into here so as not to confuse you, but does anyone have thoughts on how to best accomplish multi-path data like this?

Thank you,
Chris