virual ip From ip alias to CARP type
-
Hello
i have setup pfsense using virtual ip's for internal network and external network. I want to setup second pfsense using CARP . Can i just change every ip from ip alias to CARP without having connection issues? -
@tosman06
Change one of the virtual IPs on each interface to a CARP. For the others, edit them and change only the interface to the CARP VIP.Remember to also change to outbound NAT on WAN to the CARP VIP and also on your local devices the gateway IP.
-
@viragomann thank you. i don't know if i said well. I don't want to change the ip address. Just the type from ip alias to CARP. Can i just do that before i connect to second pfsense using CARP technology? I mean i want to change in my main pfsense that i am using now. And after that i connect the other pfsense and setup the carp connection! Is that right?
-
@tosman06
Best to connect the second pfSense before you start the CARP setup.You know, each box needs an interface IP in each subnet. So you need to keep an IP on the primary in each subnet, which you cannot be used on the other in case of failover.
Configure the interface IPs on the secondary, then connect it to your network. Configure a sync-interface on both.
Remember to set up the same admin credentials on both nodes.Then on the primary configure System > High Availability. Consider to use add sync user with limited privileges.
Check if the sync to the secondary works.Then start with the changes of the virtual IPs.
Since the secondary goes into backup state as soon as you enable CARP on the primary, the setup should go seamlessly. -
@viragomann thank you!