CARP and Squid question



  • Hello all,
    I've installed 2 pfsense boxes and set a hardware redundancy successfully. My WANs are like this:
    xxx.xxx.xxx.168 - public - Master
    xxx.xxx.xxx.169 - public - Backup
    xxx.xxx.xxx.170 - public - virtual
    outbound NAT through the .170 address
    when i make a SSH to an external server i am connecting with the .170 IP
    Then I've install Squid + Squid Guard and set it as a transparent proxy. Then when i open an html i am connecting with Master's IP .168 and not from the virtual one. How can i set the proxy server to use CARP's virtual address? Is there something that I've missed?



  • AFAIK all services running on pfSense itself (like squid or the DNS forwarder) can only make use of the primary WAN.



  • actually i did it :). It appears that all traffic from squid go out from the localhost, so i changed the NAT source to be not only LAN but any


Locked