Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Carp and IPSec VPN problem

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    1 Posts 1 Posters 738 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      T-bone
      last edited by

      Hello,

      I am using 2 Pfsense boxes with a CARP configuration. So far this is working very good.

      Recently I added a IPSec VPN that was configured with a remote subnet of 0.0.0.0/0. This is a well-known VPN configuration, in order to route all LAN traffic through this tunnel.

      After I make this tunnel active, CARP is not working anymore. It looks like the sync-packets that are used to see if the pfsense is still alive are also routed through the VPN tunnel.
      The backup pfSense box does not receive these packets anymore, so it becomes the master in the LAN segment. Thus resulting in a LAN segment with two masters and resulting in a virtual LAN IP address, that cannot be reached anymore.

      What can I do to make this config working?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.