Firewall and Port Forward Rules for CARP Virtual IP



  • Hello Everyone,

    I recently experiencing with PFsense CARP for HA. The setup is straight forward by following the setup guide Michael blog below. The failover functionality work great. However, I cannot figure out on how to setup port forwarding on the WAN Virtual IP? I do not see the CARP interface under the Firewall Rules page.

    Let say I have the webserver that sit behind NAT and setup port forwarding the domain on the PF Master WAN IP. This scenario would break if the PF Master node failed. I would think there must be a way to perform port forwarding rule on the WAN Virtul IP interface. However, the only available interface choice I see is LAN, WAN and SYNC interface.

    http://blog.thedarkwinter.com/2015/03/pfsense-ha-hardwaredevice-failover.html

    pfSense master
    install 3 network cards with below IP configuration

    WAN : 192.168.91.149 / 24
    LAN : 192.168.4.21 / 24
    SYNC : 192.168.10.21 / 24

    WAN virtual ip : 192.168.91.10 / 24
    LAN virtual ip : 192.168.4.10 / 24

    pfSense slave
    install 3 network cards with below IP configuration

    WAN : 192.168.91.150 / 24
    LAN : 192.168.4.22 / 24
    SYNC : 192.168.10.22 / 24

    I'm greatly appreciated if you can point me to the right direction.

    Thanks,
    //Jay



  • The interface is WAN. You change the destination from 'WAN address' to your vip via the dropdown.



  • @dotdash:

    The interface is WAN. You change the destination from 'WAN address' to your vip via the dropdown.

    Ahh. I found it. Thanks


Log in to reply