Ipsec fail on carp

  • Hi,
    i have a problem with 1pfsense-wan<-ipsec->carp-2pfsense config

    without carp the ipsec tunnel is full function but if i want to switch to carp (1pfsense:remotegw->carp ip/My identifer->wan ip & 2pfsense  Interface ->CARP1(….) /My identifer->carp ip
    Any idea what's wrong.The wan side from both pfsense are in the same net for testing only.
    I found an entry with pfctl -sr ,it's deny an input from the same subnet to carp0?!

    thx MaxHeadroom

    ps: i open the same question one day before in the german subforum but no answer till now

Log in to reply