Netgate Discussion Forum

    IPsec VTI - Firewall rules not syncing

      michmoor LAYER 8 Rebel Alliance
      last edited by michmoor

      High Avail setup with pfSense nodes.
      I noticed that firewall rules created under my VTI interfaces are not syncing to the backup.
      All other interfaces with rules do get sync'd over.

      Switching between Master and Backup for testing, if I create the rules on the secondary and flip back to the Master, the backup loses the firewall rules created but doesn't get any new firewalls I created for the VTI interface under the Master.

      What do I do here?

      edit

      Interface assignment is the same on both nodes: ipsec1

      Firewall: NetGate,Palo Alto-VM,Juniper SRX
      Routing: Juniper, Arista, Cisco
      Switching: Juniper, Arista, Cisco
      Wireless: Unifi, Aruba IAP
      JNCIP,CCNP Enterprise

        stephenw10 Netgate Administrator

        Discussion of this is here: https://forum.netgate.com/topic/189472/high-avail-secondary-node-ips-how-to-find-it

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.