Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How do CARP VIPs work ?

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      cms 123
      last edited by

      I want to use pfsense to replace our netscreen firewall. There are a couple of webservers behind the firewall.

      I want to achieve the following:

      WAN IP  25.25.25.25  (Is it possible to manage pfsense on the WAN IP ?)
      LAN IP    192.168.10.25

      webserver 1  192.168.10.100  running FTP, HTTP, SSH  (want to be able to access this server via 25.25.25.100, also be able to ping the webserver when it's up)
      webserver 2  192.168.10.101  running FTP, HTTP, SSH  (want to be able to access this server via 25.25.25.101)

      I saw that CARP Virtual IPs respond to ICMP Pings if allowed by firewall. I set up a rule and NAT too but when trying to ssh into 25.25.25.100 it went to the pfsense server,
      not the webserver 1. Also when I entered http://25.25.25.100 (when I was connected to the WAN network) , I wasn't able to go website on webserver 1.

      I've searched a bit in the FAQs and this forum but haven't found an example yet, explaining how to set it all up.

      1 Reply Last reply Reply Quote 0
      • D Offline
        dpcma
        last edited by

        Can you describe the scenario a bit more detailed?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.