WAN interface vs CARP WAN Interface
-
Am I correct to assume that in a normal firewall setup where you would use the WAN Interface, for virtual IPs and what not, that is where the CARP WAN Interface would go under HA. So instead of using the standard wan interface, you are actually using the CARP interface instead.
-
Depends on what you are configuring/doing.
You generally want services/VPNs to listen on CARP VIPs. You generally want outbound NAT to be a CARP VIP. You generally want inside clients to use a CARP VIP as their gateway and DNS server (if it's providing DNS).