Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    CARP outgoing IP address?

    HA/CARP/VIPs
    2
    2
    691
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sarics last edited by

      Hi pfSense Users,

      We have 2 pfSense 2.1.3 box, with a beautifull, and working CARP setup:

      • pfSenseCARP: 1.2.3.3
      • pfSense01: 1.2.3.4
      • pfSense02: 1.2.3.5

      The CARP interface works like a charm with inbound connections, but when I try to ping 8.8.8.8 from the pfSenseCARP interface, there is no response - 100% packet loss, and there isn't any BLOCK or REJECT entry in firewall log. When I try to ping from shell, I'm recieving the following error:

      ping: invalid multicast interface: `opt2_vip3'
      

      Maybe a rule missing? Or any other recommendation to check something?

      The second problem is that, when I visit a site, from behind the pfSense-s, the logged IP is not our CARP ip (1.2.3.3), just the master's IP (1.2.3.4 if pfSense01 is the master).

      The outgoing IP address must be the CARP address. How can I set it up? Rules? Outbound NAT? When I modify the Outbound NAT rules (which has been generated via setup) to translate the request to the CARP address, we are loosing our internet connaction.

      Thank you in advance,
      Csaba

      1 Reply Last reply Reply Quote 0
      • dotdash
        dotdash last edited by

        You need to use Advanced Outbound NAT. Change the NAT Address to 1.2.3.3.
        You should have both boxes set to sync states and the master should have the required XMLRPC settings- rules, nat, and VIPs at a minimum.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy