4. CARP outgoing IP address?

CARP outgoing IP address?

  • S

    Hi pfSense Users,

    We have 2 pfSense 2.1.3 box, with a beautifull, and working CARP setup:

    • pfSenseCARP: 1.2.3.3
    • pfSense01: 1.2.3.4
    • pfSense02: 1.2.3.5

    The CARP interface works like a charm with inbound connections, but when I try to ping 8.8.8.8 from the pfSenseCARP interface, there is no response - 100% packet loss, and there isn't any BLOCK or REJECT entry in firewall log. When I try to ping from shell, I'm recieving the following error:

    ping: invalid multicast interface: `opt2_vip3'

    Maybe a rule missing? Or any other recommendation to check something?

    The second problem is that, when I visit a site, from behind the pfSense-s, the logged IP is not our CARP ip (1.2.3.3), just the master's IP (1.2.3.4 if pfSense01 is the master).

    The outgoing IP address must be the CARP address. How can I set it up? Rules? Outbound NAT? When I modify the Outbound NAT rules (which has been generated via setup) to translate the request to the CARP address, we are loosing our internet connaction.

    Thank you in advance,
    Csaba

    0

  • You need to use Advanced Outbound NAT. Change the NAT Address to 1.2.3.3.
    You should have both boxes set to sync states and the master should have the required XMLRPC settings- rules, nat, and VIPs at a minimum.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy