Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2 ESXi + 2 Pfsense Problem

    HA/CARP/VIPs
    2
    2
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      elico
      last edited by

      Hello guys

      I need your help with problem we are facing.
      We have 2 ESXi 6 servers and 2 Pfsense FW.
      Each of the fw located 1 ESXi.
      All the configuration of CARP applied according to the guide + VMWare changes.
      VMware ESX Users
      Enable promiscuous mode on the vSwitch
      Enable "MAC Address changes"
      Enable "Forged transmits"

      The problem is if the master Pfsense is on ESX01, all the VMs on that ESXi is pinging good to the VIP and nodes.
      BUT all the VMs on the ESX02 losing packets to ping the VIP but pinging good to the LAN actual IP and all other VMs on 01 ESX1.

      Anyone facing this issue? any idea?

      Thanks
      EC

      1 Reply Last reply Reply Quote 0
      • R
        rkelleyrtp
        last edited by

        How is your Outbound NAT configured?  I had a similar problem whereby my Outbound NAT was tied to the interface and not the VIP.  Here is what I did:

        • Firewall -> NAT
        • Click Outbound NAT
        • Make sure your "NAT Address" for the LAN subnet is tied to the external CARP IP address instead of interface address

        Hope this helps.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.