Access to pfSense via VIP
I finished setting up CARP with two pfSense devices. It is functioning as I expected, but I cannot access the device via VIP.
Weird thing is that I can access xxx.xxx.xxx.120 through LAN interface, but I cannot access through WAN interface. In other words, I have a laptop under the pfSense, and it allows me to login to pfSense via VIP. However, when I try from different network (home, 4G, public WiFi, etc…), it does not show any pages. There is no firewall between the ISP and pfSense.
"What is my IP" on my laptop surely shows the VIP.
May I have some advices to resolve it?
Thank you very much.
Is it reachable via its primary interface IPs?
Are the WAN IPs in a private network and so blocked by default interface configuration?
dotdash last edited by
Make sure your rule allowing external access has the destination of 'WAN net' or the VIP and not 'WAN address'.
xxx.xxx.xxx.121 and 122 were accessible. After I modified the firewall rule (WAN address to WAN net), it began to work! Thank you very much!