HAProxy for HTTP + CARP + MultiWAN with VIPs issue (Outbound NAT?)



  • Hi!

    I have two pfSense firewalls with CARP setup, 2 WANs and HAProxy that points to HTTP servers in my LAN.

    Scheme:
    pfSense server #1
    ISP#1 - Public IP1.1 - pfSense#1 with HAProxy - HTTP
    ISP#2 - Public IP1.2 - ISP#2 Local IP1 - pfSense#1 with HAProxy - HTTP
    LAN vIP - pfSense as Gateway (Master)

    pfSense server #2
    ISP#1 - Public IP2.1 - pfSense#2 with HAProxy - HTTP
    ISP#2 - Public IP2.2 - ISP#2 Local IP2 - pfSense#2 with HAProxy - HTTP

    All LAN servers and PCs have their GW set to the LAN vIP, which migrates via CARP.

    Problem:
    When I'm trying to access HTTP servers via IPs:
    Public IP1.1 -> OK
    Public IP1.2 -> OK
    Public IP2.1 -> OK
    ISP#2 Local IP1 -> OK
    ISP#2 Local IP2 -> OK
    Public IP2.2 -> FAILED

    How can I get Public IP2.2 accessible?

    I think it's some kind of outbound NAT issue, but I can't figure out how to set it up. Need help :)



  • Please don't double post.

