Can't get to backup Firewall from IPSEC

upthehill · Apr 15, 2013, 6:31 PM

Hi,

I have an issue that is causing problems. I really don't fully understand the problem but will have a try. I'm very new to PFSense.

I have two pairs of pfsense firewalls. One pair in NY and one pair in Boston.

I've attached a diagram.

If I connect through the NY side, a tunnel is formed and allows me to connect to the LAN on the otherside. What it does not allow ,me to do is connect to the backup firewall.

If I then clean the SAD, I'm then able to connect.

What am I doing wrong?

Thanks

SeventhSon · May 6, 2013, 4:11 PM

I would say the backup firewall is pushing the traffic through the wrong gateway/tunnel? But then clearing the SAD shouldn't make a difference?

Actually, it might matter… What version of pfSense are you running, because on the new version (2.0.2 and up i think), it actually brings down the tunnel on the backup machine, so this might be what you need.

jimp · May 6, 2013, 6:20 PM

http://forum.pfsense.org/index.php/topic,61775.msg333763.html#msg333763

jimp · May 6, 2013, 6:27 PM

http://doc.pfsense.org/index.php/CARP_Secondary_Unreachable_Over_VPN
(You didn't miss in the FAQ, I just added it)

SeventhSon · May 7, 2013, 4:09 PM

Thanks jimp, seems so simple when it's written down so well ;)