4. Access CARP backup behind IPSec

Access CARP backup behind IPSec

  • N

    What is the proper method of accessing the webgui of a backup system that's behind an IPSec tunnel? I did search, and I came across this thread. It appears that's talking about version 1.2.3, though.

    Is there an easy way to gain access to the secondary system? I can ssh from the primary, but it would be nice to have access to the webgui. I understand that the problem is that the backup box doesn't have a route across the VPN. But how would I add one, that wouldn't break everything? From what I can tell, the routes are sycned between the systems, so if I add one wouldn't it get removed the next time the primary box syncs?

    What happens when the backup becomes the master? Would that route pointing all traffic to the now inaccessible box break the vpn?

    I tried setting up an SSH proxy, but failed miserably. Probably because I don't entirely understand how to do it (never done it before.)

    Any guidance would be greatly appreciated!

    0
  • N

    You know what, I'm an idiot. We can just use the public IP to access it.

    0
  • S

    If you don't want to open an extra port on the outside, you can do an SSH tunnel like so in PuTTY:

    Under Connection:SSH:Tunnels:
    Souce port: 6666
    Destination: secondary_ip:443
    x Remote
    x IPv4

    Click add
    open ssh
    log in

    and then in your browser, go to https://localhost:5000

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy