On Wed, Oct 14, 2015 at 12:28:21PM +0000, C.L. Martinez wrote: > Hi all, > > I am using an OpenBSD vm to act as a firewall for my laptop and as openVPN > client to connect to several openvpn/ipsec servers. > > Sometimes I need to stay connected to two or more openvpn/ipsec gateways. > And at the same time, I need to stay connected to other networks in my > company (which are reached via default gateway). > > As you can imagine, this scenario present some problems about how to setup > pf rules and manage different default gateways. > > I see two possible solutions: rdomains or mpath. On the other side, I can't > make changes on openvpn/ipsec servers due to they are out of my control. > > In your opinion, what is the best option: rdomains or mpath? In both cases > I see one problem: I have only one external interface. How to deal with > this?
I have little bit problem to understand the problem but you can modify openvpn/openconnect scripts to fit your needs. Thus you can assing label to your routers via `route' command. Then you can use '...to route "openvpn_tunnel"' in your pf.conf... j.
