Netgate Discussion Forum

    Upgrading from 1.0 and problems

    IPsec
    • M
      moffl
      last edited by

      Hello All:

      Just a brief history:

      I have approx. 30 remote locations that I was using CARP virtual IPs and IPsec tunnels on the old 1.0 release. As I was setting up 1.2 I realized that the failover IPsec is no longer and upon searching I found this to be true. I then started researching OpenVPN and discovered that it will have complete access as there is no filtering on this. If this is not correct please correct me.

      If I were to use OpenVPN for these 30 locations, would I have to create a port and cert for each remote? So I guess I would like someone to point me in the right direction.

      thanks

      • H
        heiko
        last edited by

        For me CARP and IPsec failover on a 1.2 cluster works as it should.
        And yes, you can't filter rules on OpenVPN with 1.2; this will be a feature in 1.3.

        • M
          moffl
          last edited by

          @heiko:

          For me CARP and ipsec failover on a 1.2 cluster works as it should.

          In 1.0 there was a failover IPsec portion and I could not find it in 1.2. Am I missing it, or is setup different for CARP and failover?

          • H
            heiko
            last edited by

            Which option, preemption?

            • M
              moffl
              last edited by

              In 1.0.1 there was an option under IPsec called failover IPsec and you would enter your CARP public IP address in this location. In the latest release of 2.0 this option does not exist, therefore instead of having the endpoint of your tunnel pointing at the CARP public (virtual IP) it instead points to your WAN address. What am I missing?

              Also, in the pfSense version I am running, the preemption check box is not there.

              • H
                heiko
                last edited by

                You choose your CARP WAN IP in the tunnel configuration page directly; look at the interface dropdown box.

                • M
                  moffl
                  last edited by

                  Thank you for your help. I had found the setting late last night, which explains a lot. I guess we can now consider this thread closed.

                  Again, thanks heiko.

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.