CARP outgoing IP address?
-
Hi pfSense Users,
We have 2 pfSense 2.1.3 box, with a beautifull, and working CARP setup:
- pfSenseCARP: 1.2.3.3
- pfSense01: 1.2.3.4
- pfSense02: 1.2.3.5
The CARP interface works like a charm with inbound connections, but when I try to ping 8.8.8.8 from the pfSenseCARP interface, there is no response - 100% packet loss, and there isn't any BLOCK or REJECT entry in firewall log. When I try to ping from shell, I'm recieving the following error:
ping: invalid multicast interface: `opt2_vip3'Maybe a rule missing? Or any other recommendation to check something?
The second problem is that, when I visit a site, from behind the pfSense-s, the logged IP is not our CARP ip (1.2.3.3), just the master's IP (1.2.3.4 if pfSense01 is the master).
The outgoing IP address must be the CARP address. How can I set it up? Rules? Outbound NAT? When I modify the Outbound NAT rules (which has been generated via setup) to translate the request to the CARP address, we are loosing our internet connaction.
Thank you in advance,
Csaba -
You need to use Advanced Outbound NAT. Change the NAT Address to 1.2.3.3.
You should have both boxes set to sync states and the master should have the required XMLRPC settings- rules, nat, and VIPs at a minimum.
