CARP changes my LAN VIP Interface After Sync



  • I have this weird problem.

    2 Firewalls:
    Firewall 1 Master

    Interfaces
    WAN DHCP
    LAN 10.2.30.2/29
    GST 192.168.150.2/24
    CARP 10.2.40.1/24

    Firewall 2 Backup

    Interfaces
    WAN DHCP
    LAN 10.2.30.3/29
    GST 192.168.150.3/24
    CARP 10.2.40.2/24

    VIP on both firewalls:
    LAN 10.2.30.1/29
    GST 192.168.150.1/24

    Now my syncing goes over the CARP Interface. Its the interface that connects both firewalls, dedicated.
    My problem is this:
    When I make a change on the MASTER Firewall (adding new Rule), etc, it makes changes on the Backup Firewall, BUT, what happens is it changes my VIP from
    10.2.30.1/29      Interface LAN
    to
    10.2.30.1/29      Interface CARP

    Then I get an error that says "Sorry but we could not find a matching real interface subnet for the virtual IP address 10.2.30.1"

    Im guessing this is due to the fact that the VIP changes from LAN to CARP.
    Why the heck is this happening? Can someone please help me? PLEASE?

    Thank You…



  • Do you have your interfaces assigned in the same order on both pfSense in Interfaces > assign? This is essential for syncing correctly.