1. Home
  2. pfSense® Software
  3. HA/CARP/VIPs
  4. CARP on WAN w/ 2 Static IPs… Need help

CARP on WAN w/ 2 Static IPs… Need help

  • U

    I am given two static IPs by my ISP in my data center. Presently I have one pfsense fw setup using both. WanIP1 used for NAT outbound from LAN1 and WanIP2 used for NAT outbound from LAN2. I have configured WanIP1 to allow only OpenVPN inbound connections and WanIP2 for HTTP and HTTPS inbound to relayd running on pfsense.

    Reading here: https://doc.pfsense.org/index.php/High_Availability…. I found this "Minimum of three IP addresses per subnet (one for primary, one for secondary, one or more for CARP VIPs) -- This can be avoided on pfSense 2.2, but is still recommended."

    What I'm looking to understand is if it is possible to have another pfsense running in a hot standby mode whereas if pfsense1 crashed, pfsense2 could take over in some fashion.

    Again, at first glance, I see my limitation as only having two static public IPs available, but am curious what the note means form the link above.

    Also, if I had two static IPs available, would I direct web traffic to my new CARP WAN IP and change all my rules on pfsense to use this CARP IP as the destination IP for incoming traffic? Just looking to understand.

    0
  • Derelict
    LAYER 8 Netgate

    You need three addresses.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy