4. VIP is not set in IPSec configuration

VIP is not set in IPSec configuration

  • C

    Hi all, I have set up an IPSec tunnel with Azure. In the Interface field I initially specified the interface which has the VIP address of my cluster. When I connect, all is fine and everything works perfect.

    Though, at the same time I have created a failover Gateway Group because I use a dual WAN. This group I am using it as the Default Gateway of my system.

    Now, if I go back to the IPSec tunnel and instead of the interface with VIP address, I set the Gateway Group, then I notice that the IPSec tunnel never connects, because it is using the physical IP address instead of the VIP. I am going in the ipsec.conf and I can confirm that instead of the VIP, the leftid is the IP address of the physical interface of node 1 in the cluster.

    Any idea why this happens? Do I do anything wrong in my configuration?

    Thank you

    0
  • C

    OK, the solution is that in the failover security group, in the "Interface Address" field, I had to specify the VIP address. When I did this, then the right IP was showed in the config file.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy