Adding VLANs in HA Config
I recently setup a new CARP / HA 2 node PfSense setup in our DC which sits in front of servers that we have client VMs running on.
When we provision a new client VM, it is allocated its own VLAN and IP range with PfSense.
The 2 PfSense nodes are identical in every way hardware wise.
When the new VLAN is created on PfSense, this config is not replicated to the secondary node.
I am able to log in to the secondary node and add the VLAN config a second time, but I am looking to hand this role over to someone else who is not as proficient with PfSense as I am, and I am concerned they will make a mistake that will go unnoticed until the day we have a failure on the master, and the system will not work correctly.
Is there any way that I can have the secondary cluster node pickup VLAN configuration from the master? Even if I have to do it by way of a script the runs out of cron, that might still be better than having to manually enter it twice each time.
Has anyone had to deal with this issue before?