Netgate Discussion Forum

    IPSec on backup node

    • icmp_reply

      We have an IPsec tunnel set up on a CARP VIP WAN like this:

      Phase 1

      Tunnel CARP VIP WAN: xx.xx.xx.xx
      To AWS: xx.xx.xx.xx

      Phase 2.

      Left side is 192.168.90.0/24 and right side is 10.80.0.0/16

      We have a CARP VIP LAN 192.168.90.1/24
      Master server has 192.168.90.2/24
      Backup server has 192.168.90.3/24


      Gateway 192.168.90.1/24
      Static route: 10.80.0.0/16 via 192.168.90.1
      This is to allow pfSense to reach the right side.

      Now the Master node can send system logs to the remote syslog server in AWS.
      The backup node can ping the VIP and has the same static route as the Master, but fails to communicate with or send logs to the remote syslog server in AWS.

      Does anyone have a clue why?

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.