Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HA+CARP for pfSense on VMware ESXi and promiscuous mode issue

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 211 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mauro.tridici
      last edited by

      Dear Expert Users,

      I've set-up 2 pfSense in CARP on two ESXi nodes and, following the available documentation, I've created another port-group only for pfSense with promiscuos mode enabled.

      Problem is that now pfSense receives all traffic that goes to the Virtual Switch, so LAN interface it's "flooded" by unwanted traffic and, more important, from within pfSense it's possible to sniff all the traffic that goes through the virtual switch.

      Can I create a firewall rule to make pfSense ignore the unwanted traffic? If yes, could you please show me an example rule?
      Or, alternatively, is there another way to be able to have CARP working on ESXi without promiscuous mode?

      Thank you very much,
      Mauro

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.