This honestly should work the way you have it setup. Mine is setup to sync from the master firewall to the LAN ip of my second firewall. I just pushed out a new firewall last night using the Virtual IP sync function and it worked great. What version are you on? Hopefully the latest. :)
On 8/23/05, Matthew Lenz <[EMAIL PROTECTED]> wrote: > My config changes are not being synced to fw1 when I make them on fw0. > Is there a log some where I can look at to see how/why this is failing? > > Here are the 'Services: CARP Settings' > > on fw0 (primary firwall): > > Synchronize Interface: OPT4 > Synchronize to IP: OPT4's interface ip > Remote System Password: admin's password for both boxes > > the following are checked: > > Synchronize Enabled > Synchronize rules > Synchronize aliases > Synchronize nat > Synchronize Virtual IPs > > on fw1 (backup firewall): > > Synchronize Interface: OPT4 > > the following are checked: > > Synchronize Enabled > > ------------ > > Both firewalls have a rule on OPT4 > > prot:* > src:OPT4 net > src port:* > dest:OPT4 net > dest port* > > failover is working on all 5 (soon to be 10) CARP ips. It seems as > though states are being synced as well but I wouldn't know how to verify > that (my tcp connections don't drop when I turn off the MASTER). I have > fw0 set with a skew of 0 and fw1 with a skew of 1. They failover just > fine and when preemption is checked (i've not got it checked at the > moment because people are actually using the internet connection now) it > gives fw0 back MASTER on all the interfaces just like it should. > > Thoughts? > >
