IPSec on backup node
We have an IPSec tunnel set up on a CARP VIP WAN like this:
Phase 1
Tunnel CARP VIP WAN: xx.xx.xx.xx
To AWS: xx.xx.xx.xx
Phase 2
Left side is 192.168.90.0/24 and right side is 10.80.0.0/16
We have a CARP VIP LAN 192.168.90.1/24
Master server has 192.168.90.2/24
Backup server has 192.168.90.3/24
Gateway 192.168.90.1/24
Static route: 10.80.0.0/16 via 192.168.90.1
This is to allow the pfSense to reach the right side.
Now the Master node can send system logs to the remote syslog server in AWS.
The backup node can ping the VIP and has the same static route as the Master, but fails to communicate or send logs to the remote syslog server on AWS. Does anyone have a clue why?