Ipsec fail on carp
i have a problem with 1pfsense-wan<-ipsec->carp-2pfsense config
without carp the ipsec tunnel is full function but if i want to switch to carp (1pfsense:remotegw->carp ip/My identifer->wan ip & 2pfsense Interface ->CARP1(….) /My identifer->carp ip
Any idea what's wrong.The wan side from both pfsense are in the same net for testing only.
I found an entry with pfctl -sr ,it's deny an input from the same subnet to carp0?!
ps: i open the same question one day before in the german subforum but no answer till now