Hello everybody, I need help regarding the following situation. I have four OpenBSD firewalls configured to do load-balancing (in and out) using ip-stealth. I have two CARP interfaces (internal and external) on each firewall. See the configuration below.
Load-balancing works perfectly for non-SSL websites but I am unable to connect to secure websites (https). Any insight on what could be wrong in the configuration would be greatly appreciated.

Here is my configuration:

Internal CARP interfaces:

    FW1 carp0 inet 10.50.1.1 /16 balancing ip-stealth carpnodes 11:0, 12:10, 13:25, 14:50
    FW2 carp0 inet 10.50.1.1 /16 balancing ip-stealth carpnodes 11:50, 12:0, 13:10, 14:25
    FW3 carp0 inet 10.50.1.1 /16 balancing ip-stealth carpnodes 11:25, 12:50, 13:0, 14:10
    FW4 carp0 inet 10.50.1.1 /16 balancing ip-stealth carpnodes 11:10, 12:25, 13:50, 14:0

External CARP interfaces:

    FW1 carp1 inet 205.50.60.1 /27 balancing ip-stealth carpnodes 21:0, 22:10, 23:25, 24:50
    FW2 carp1 inet 205.50.60.1 /27 balancing ip-stealth carpnodes 21:50, 22:0, 23:10, 24:25
    FW3 carp1 inet 205.50.60.1 /27 balancing ip-stealth carpnodes 21:25, 22:50, 23:0, 24:10
    FW4 carp1 inet 205.50.60.1 /27 balancing ip-stealth carpnodes 21:10, 22:25, 23:50, 24:0