Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    WAN down, but LAN will not failover to Backup FW

    Scheduled Pinned Locked Moved
    HA/CARP/VIPs
    1
    1
    152
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      robert1157
      last edited by

      Hi,
      we are currently adding a second firewall to our setup for HA.

      While testing we saw that, when we disconnect the WAN port on the primary FW, the VIPs on the WAN Interfaces fail over to the secondary FW, but nothing happens on the other interfaces (LAN, DMZ, etc).

      We are using the Netgate 1541 as hardware platform, copied the config from our old FW, changed the interface (on both), setup HA.
      Config sync is working, state sync is working, CARP is working independently on the interfaces.

      I have found this:
      A similar problem (but in a VM): https://forum.netgate.com/topic/185613/wan-link-unplugged-but-lan-not-failoverto-backup
      A similar problem (on older HW): https://www.reddit.com/r/PFSENSE/comments/dsbrbm/failover_issue_with_ha_setup/

      Hardware / Software:
      21059f87-e37c-4d1f-be6d-784ddceefde1-image.png

      IP Config secondary:
      58ac6eed-5aee-4cf8-8f9d-67639f8446b0-image.png

      CARP Status on primary and secondary:
      5081c96f-175c-4a62-98c0-c5db3c6885fc-image.png
      a38b7bc0-9765-4020-92df-fb313459805d-image.png

      After disconnect IP Config primary:
      ef613048-8ec5-4ce7-b7fe-ef23104688db-image.png

      After disconnect - CARP Status on primary and secondary:
      6afa1ffa-f4c3-43da-900b-49087ab26260-image.png
      081d6ba6-574b-4e37-a8c4-db0cec589831-image.png

      What could be the problem?
      THX Robert

      1 Reply Last reply Reply Quote 0
      • First post
        Last post