@mrfrenchfry You can export the interface config from the secondary node: Diagnostics > Backup & Restore > Backup & Restore At Backup area select "Interfaces". Download the file. Then load it into a text editor and order the interfaces accordingly to the primary. Save the file and re-import it into the secondary.

More photos: [image: 1648852380286-20220201_181442-resized.jpg] [image: 1648852382954-20220131_180718-resized.jpg] [image: 1648852386758-20220201_181457-resized.jpg] [image: 1648852458418-20220119_165632-resized.jpg] [image: 1648852516449-20210929_162052-resized.jpg] [image: 1648852642104-20201214_141056_hdr-resized.jpg]

Sorry, it probably was only a temporary problem while the network reconfigured to the static IP. It now seems to work properly.

@skorpio The CARP alias skew is set in each alias: https://docs.netgate.com/pfsense/en/latest/recipes/high-availability.html#configuring-the-carp-virtual-ips "A primary node is typically set to 0 or 1, secondary nodes will be 100 or higher. This adjustment is handled automatically by XML-RPC synchronization."

@crl was this resolved? I'm having some issues myself. Hoping you found your solution. :)

@viragomann switching to CARP VIP in the OpenVPN config solved the issue, now I'm getting to the LAN. Thank you very much for pointing me on the right direction!

Ok, found out the problem, maybe. there was a space in the Gateway IP in VAN50 dhcp settings also checked "Time from UTC to Local" With both changes, now DHCP works flawlessly. Thank you.

@steveits Hello, When I add the rule on the master, it is duplicated on the second pfsense. The master pfsense remains master in "status/CARP". The second pfsense is in "Backup". Yes the problem is not temporary, I have a total loss to the internet. The master's wan interfaces are up and communicating with their gateway. But unable to access the internet. The interfaces are in green on the dashboard. Regards.

Is any one knows why the URL is getting changed by adding amp; every time while saving the configuration? this is kind of miss-behavior

@klaws Mail Report just let you know in time any issues that could occur. At least for me it helps a lot dealing with pfsense clusters. Examples: like when some CARP state changes states (master or backup), 17:51:09 HA cluster member "(10.0.13.1@ixl3.13): (IXL3_VLAN13_IT_ADMINS)" has resumed CARP state "BACKUP" for vhid 12 when WANs went offline or online in gateway groups: 11:07:07 MONITOR: WAN_ROUTERA_WAN2_GW is available now, adding to routing group GW_GROUP x.x.x.225|172.16.2.2|WAN_ROUTERA_WAN2_GW|34.651ms|87.308ms|18%|online|loss when services stop working and watchdog service detect and handle the situation, 9:26:00 Service Watchdog detected service openvpn stopped. Restarting openvpn (OpenVPN server: Internal Devices) when rules cannot load: 15:42:40 There were error(s) loading the rules: /tmp/rules.debug:51: cannot load "/var/db/aliastables/pfB_NAmerica_v6.txt": Invalid argument - The line in question reads [51]: table <pfB_NAmerica_v6> persist file "/var/db/aliastables/pfB_NAmerica_v6.txt" when XMLRPC communication fails: 17:29:59 A communications error occurred while attempting to call XMLRPC method restore_config_section: 16:43:28 Exception calling XMLRPC method restore_config_section # Impossible to encode value '' from type 'NULL'. No analogous type in XML_RPC.

@steveits It got solved. Rebooting the firewall did not help, resetting the states neither, but disabling the WAN interface and enabling it again DID help. And all is looking good again now

[image: 1646846176563-049f21fe-c7d0-4640-8834-d5f7af093f0a-image.png]

@viragomann The one thing I notice, examining config.xml: the internal ID for a gateway group is pretty unique. No idea how that is supposed to sync or not... I'm going to do more experiments tomorrow...

@mrpete @viragomann I've got it working close to 100% now :)

@mrpete @netblues @Cool_Corona I've updated the OP with results of my first set of experiments. When I have a chance, I'll redo a full install on secondary CARP and see how that goes.