Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSec continuity and CARP/HA

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    2 Posts 1 Posters 523 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mmangiante
      last edited by

      Hello,

      I have 2 instances of pfsense in CARP/HA; I notices that when I update something in the master node, say for example a rule in the NAT, if there is an ipsec tunnel enabled, this become disabled and so the ipsec connection goes down.
      Maybe it is a wrong configuration, because I have the master node in the CARP (I called it pfs1) but the update to the rules, for example, are only propagated if I do it in the second node (pfs2); I suppose I can change this behavior setting the "Configuration Synchronization Settings" in the master node and not in the second, but however the question is if this make the continuity of the ipsec tunnel when I update something.

      --
      Regards

      1 Reply Last reply Reply Quote 0
      • M Offline
        mmangiante
        last edited by

        Hello,

        resolved by move the "Configuration Synchronization Settings (XMLRPC Sync)" on the pfs1 that it is also the Master node.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.