Help please. i suspect something to do with carp but unsure
-
Hi,
i'm not sure if this is normal behavior or if carp is doing something odd.
i'm running 2.0.3.
and have 2 firewalls carped.
my issue is everytime I make any changes to the firewall.. ie.. nat.. or IPsec disable / re-enable or anything really I press apply changes..
then maybe 10-15 seconds later all the connections seem to drop for like 20-30 seconds.
its like everything just goes down..did anyone ever run into this?
i'm checking the system logs and theres nothing in particular.. going on .Thanks
-
Check that you don't have a gateway showing down on the primary or secondary.
-
gesus you're good. just from these vague symptoms you could tell right away :|
now i just gotta figure out why its down… i guess it was never up lol.
thanks!Edit: i checked all the connections.. and they're good. and the lights are blinking on the wan interface but i cant seem to ping anything from the secondary... ??
-
jimp, hi,
i think i found the problem, though not quite sure how to fix it….
i think it has to do with manual outbound nat...
so the secondary has a manual rule thats basically saying go out through carp ip.
but the master has the carp ip. so when you ping out the ping basically always goes back to master instead of slave? -
Your NAT rules should not apply NAT to traffic originating from the firewall itself. (e.g. you do NOT want a source of "any" on NAT rules, but the LAN subnet or an alias of your internal subnets)
