• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

Pfsense and CARP

Karandras

[H]ard|Gawd
2FA
Joined
Feb 16, 2001
Messages
1,873
I'm having problem with my pfsense. I've setup a 2nd pfsense machine with carp on it's own network. I have the following interfaces:

WAN (outside IP)
LAN (10.1.0.0/16)
CONTROL (10.2.0.0/16)
PFSYNC(10.8.1.0/24)

All of interfaces on both machines are showing master and it's causing me some headaches. On the master the base is 1 skew is 0, slave base 1 skew 100.

###Master###
The High Availability Sync settings:
Synchronize States - Check
Synchronize Interface - PFSYNC
pfsync Synchronize Peer IP - 10.8.1.3
Synchronize Config to IP - 10.8.1.3
Remote System Username - admin
Remote System Password - (password)
Everything below is checked.

###Slave###
The High Availability Sync settings:
Synchronize States - Check
Synchronize Interface - PFSYNC
pfsync Synchronize Peer IP - 10.8.1.2
Synchronize Config to IP -
Remote System Username -
Remote System Password -
Everything below is checked.

Not sure what else needs to be set to make this work properly or where to look to try to fix this problem. Any assistance would be awesome.

Running on ESX5.1 containers, the ports on the vSwtiches are all in promiscuous mode that are for the pfsense machine (all the others are set off).
 
Still unable to find anything to help me with this problem. Any ideas out there?

Thanks!
 
Well I've had to disable the 2nd firewall cause it was causing problems with dual packet responses on the VIP, plus they are still fighting over who should be master.

Any help here would be very appreciated.
 
Logs?

did you allow all traffic on the sync interfaces on each machine?
 
Back
Top