Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    WAN VIP failover

    HA/CARP/VIPs
    2
    2
    2.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      Guest
      last edited by

      Hi All,

      I have scenario here which I thought I was capable of completing but have failed  :(

      I have 2 pfsense firewalls side by side, doing carp. I have an inside VIP they are sharing and this side of it works fine, i.e when I down one firewall I can still reach the inside VIP and can reach internet etc. But this is whilst each firewall uses its own physical WAN address.

      My question is, can someone give me a quick run-through of how to set up a shared VIP for the WAN. So when failover occurs, the WAN address remains the same (just as it does internally). And yes, I have plenty of external IP's to play with.

      Thanks

      Ell

      1 Reply Last reply Reply Quote 0
      • dotdashD
        dotdash
        last edited by

        You just setup a CARP VIP on the WAN, then change the AON so the outbound NAT uses the WAN CARP instead of the interface. The CARP tutorial (http://www.pfsense.org/mirror.php?section=tutorials/carp/carp-cluster-new.htm) is a good reference for configuration.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.