Chuck Mariotti wrote on Fri, Jun 19 2015 at 11:49 am: > The problem I had was, how do I get into the network behind the firewall so > that I can power down the bad and power up the good clone?
Another problem is the firewall rules in the clone will be out of sync, if it's off (you can't turn it on to enter them because it would be an IP address conflict with the primary). CARP takes care of that. Also consider what if the VM host(s) are down. In this situation you might want a second firewall to not be a VM, or (for instance) not using the same SAN, if it is a VM. Some data centers allow access to turn on/off power plugs on demand. Or a tech can plug something in. -- Steve Yates ITS, Inc. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
