Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Convert pfsense Carp failover L3 firewall to carp failover transparent firewall

    HA/CARP/VIPs
    1
    1
    1.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      grzmrc
      last edited by

      hi all,
      I have 2 pfsense 2.1 box configured as traditional Carp Failover:

      box1
      LAN 10.0.8.1/25
      WAN 192.168.1.1/24 gw 192.168.1.122
      Sync 192.168.222.1/24

      box2
      LAN 10.0.8.2/25
      WAN 192.168.1.2/24 gw 192.168.1.122
      Sync 192.168.222.2/24

      Carp LAN VIP=10.0.8.122/25
      Cerp WAN VIP=192.168.1.121/24

      it works very well, but the corporate network will change and I'll must adeguate my configuration.

      the corporate router LAN interface will change from 192.168.1.122 to 10.0.8.122.

      I think that the only way I have to make pfsense works again, is to convert it in a transparent firewall.

      The new configuration is the following…
      box1
      LAN 10.0.8.1 /25
      WAN 10.0.8.101/25 gw 10.0.8.122
      Sync 192.168.222.1/24

      box2
      LAN 10.0.8.2/25
      WAN 10.0.8.102/25 gw 10.0.8.122
      Sync 192.168.222.2/24

      Carp LAN VIP=10.0.8.121/25
      Cerp WAN VIP=10.0.8.120/25

      Obviously the phisical connections are
      WAN PFsense - router
      LAN  pfsense - internal switch

      When I try to bridge LAN and WAN interface, the switch stops to work correctly and clients stop to comunicate (loop???).

      May you help me to solve the issue and correctly convert my configuration in a transparent firewall with failover?
      thanks

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.