CARP - configuration issue

  • Hello my friends,
    I configured CARP on two pfSense machines as follows:
    pfSense 1:
    Captive portal1:

    pfSense 2:
    Captive portal2:
    Firewall => Virtual IPs: I set the WAN virtual IP as
    LAN virtual IP as
    Captive portal virtual IP:
    Then I edited the DHCP server of the captive portal in such a way that the gateway is (virtual IP address of the captive portal interface).

    I also edited the NAT for all entries => Manual Outbound => translation interface = virtual IP address of the WAN.

    CARP works well as redundancy; whatever I change on the master machine changes automatically on the backup machine.
    The problem: the clients connected to the captive portal interface can't access the internet, and I also can't ping the virtual IP address.

    Is there anything to edit in the configuration or the DHCP server?
    What do you suggest?

  • LAYER 8 Netgate

    Captive portal login sessions are not synced. MAC address passthrough entries might be since they actually go into the config - I didn't test that.

    After traffic swings to the backup, accessing anything outside on :80 should bring the portal page up on the backup's IP address. They should be able to log in again and browse.

    I don't have captive portal enabled on my backup. If the master is down the traffic swings to the secondary and they don't notice anything. When it swings back either the database is intact and they don't notice or it isn't and they have to log in again. Yes, a clever user could just set their gateway to the secondary's IP address and bypass the portal. This is free internet anyway so shrug.

    This is on 2.1.5.

  • Is there any extra setting to do as we have captive portal?

    Best Wishes

  • LAYER 8 Netgate

    To my knowledge, captive portal sessions are not synced, period. You'll need to write an XML sync for CP sessions.
