On 23 June 2010 13:01, Fuchs, Martin <[email protected]> wrote: > Hi ! > > > > I already looked up the forums, but i have a problem i cannot solve on my > own… > > > > I have two pfSenses with CARP. > > > > Internal LAN-CARP is 10.11.1.1 and external WAN-CARP let’s say is > 12.12.12.12 (gw1.bk), where pfSense_1 WAN is 12.12.12.13 (gw2.bk) and > pfSense_2 WAN is 12.12.12.14 (gw3.bk). > > > > When I try to connect to gw1 (CARP) it does not respond… my WAN rule allows > any on OpenVPN port incoming to WAN-subnet. > > > > I tried to set up two different OpenVPN-Address-pools on both servers for > then using load-balancer-mode. > > I also tried to set up the same-Address-pool on both servers for CARP-mode. > > > > When I try to connect to gw2 (non-CARP) it works and the back-route works, > too (pfSense_1 is CARP-master). > > When I try to connect to gw3 (non-CARP) it does connects and the back-route > does NOT work (pfSense_2 ist CARP-slave), because all traffic is routed to > 10.11.1.1 (LAN-CARP) which is held by pfSense_1. > > > > Any idea how I can use the WAN-CARP for OpenVPN ? > > Or > > Any idea how I can tell the LAN-CARP-master to route the pfSense_2 OpenVPN > traffic to pfSense_2 (without static routes because these replicate via > CARP) ?
I asked this a while ago and got the following answer: Works now, put local x.x.x.x in custom options, where x.x.x.x is a CARP IP. You will have to manually configure the secondary to match the primary since the config doesn't sync on 1.2.x. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
