Only the master is reachable via PPTP, never the backup



  • I've got a setup with 2.0RC3 of 2 nodes. Master and backup work perfectly, when I plug a cable or take out the power of a switch, failover happens within milliseconds. So no complaints there, I'm very impressed by this product!
    But I do have a problem: when I'm connected via PPTP (on the WAN-CARP address) the backup node is not reachable. I have tried all its interfaces (including SYNC), but I can't get to it. I have set up a rule to allow everything for PPTP clients and that works perfectly as I can reach my switches and other machines within the LAN without any issues.
    When I failover (by pulling a cable or something) and reconnect the PPTP I can reach the node that was previously the backup, but I can't reach the node that was previously the master.

    I hope someone is able to assist me with this, it's vital for me that I get this fixed before going to production with this configuration.
    If I need to post screenshots or exports of the configuration, just let me know.



  • Some extra information:
    I can always reach both the master and the backup node from within the LAN, I can ping the backup from the master node and there is nothing in the firewall or system log when I try to reach the backup node from my PPTP connection.
    A traceroute just shows the master (makes sense because that's the gateway) and then nothing, so I have no clue why my traffic isn't going where it should go…



  • The testing continued today and finally I got so desperate that I decided to take my very simple Sitecom 5 port switch and connected both LAN interfaces of the firewalls to that. To my total surprise: it worked!
    So there has got to be something in the configuration of my DLINK DGS-3024 switches.

    This topic can be closed with a wise lesson for everyone: never underestimate the power of your switches, they can *** up everything…

