Me too But I´ve got outbound NAT for both networks to reach internet
1xx.2xx.2xx.91/29 -> CARP: 1xx.2xx.2xx.90 10.2xx.2xx.11/24 ---> CARP: 1xx.2xx.2xx.90 Regards On Mon, Nov 28, 2011 at 8:44 PM, Fuchs, Martin < [email protected]> wrote: > Hi !**** > > ** ** > > We used in our setup outbound nat -> advanced -> translation address: > WAN-carp**** > > ** ** > > Might this help ?**** > > ** ** > > Regards,**** > > ** ** > > martin**** > > ** ** > > *Von:* [email protected] [mailto: > [email protected]] *Im Auftrag von *Danny > *Gesendet:* Montag, 28. November 2011 09:24 > > *An:* pfSense support and discussion > *Betreff:* Re: [pfSense] CARP: Promote backup to master/master to backup > without halting master**** > > ** ** > > Hi,**** > > ** ** > > Correct.I have setup CARP for Lan and WAN**** > > ** ** > > Also setup manual NAT for network 10.2xx.2xx.x/24 to reach internet > with 1xx.2xx.2xx.90. NAT for 1xx.2xx.2xx.91 to 1xx.2xx.2xx.90 (No XMLRPC > sync for this) in node 1 and NAT for 1xx.2xx.2xx.92 to 1xx.2xx.2xx.90 (No > XMLRPC sync for this) in node 2.**** > > ** ** > > To update packages i always connect to the node IP, not the CARP one**** > > ** ** > > Thx**** > > Best Regards **** > > ** ** > > On Sun, Nov 27, 2011 at 12:22 AM, Fuchs, Martin < > [email protected]> wrote:**** > > Ok, let‘s see...**** > > You have set up CARP-IPs for WAN and LAN ? **** > > for example your interfaces could be configured like this: **** > > WAN: FW1: 1xx.2xx.2xx.91, FW2: 1xx.2xx.2xx.92, CARP: 1xx.2xx.2xx.90, GW: > 1xx.2xx.2xx.89**** > > LAN: FW1: 10.2xx.2xx.11, FW2: 10.2xx.2xx.12, CARP: 10.2xx.2xx.10**** > > **** > > You connect to the gui over 10.2xx.2xx.10 or th explicitely choose a > system .11, .12**** > > Now both systems should have correct internet connectivity because it’s > all routed cleanly…**** > > **** > > Remember you should have enough external IPs to use CARP for WAN ;-)**** > > **** > > Regards,**** > > **** > > martin**** > > **** > > **** > > *Von:* [email protected] [mailto: > [email protected]] *Im Auftrag von *Danny > *Gesendet:* Freitag, 25. November 2011 11:48 > *An:* pfSense support and discussion > *Betreff:* Re: [pfSense] CARP: Promote backup to master/master to backup > without halting master**** > > **** > > I can reach internet from backup only if I halt the master fw > > Thank you > Best Regards > > **** > > On Fri, Nov 25, 2011 at 11:36 AM, Fuchs, Martin < > [email protected]> wrote:**** > > Sounds like the GW of the backup system is not correct. > Can the backup reach the internet using ping or else ? > > Am 25.11.2011 um 11:05 schrieb "Danny" <[email protected]>:**** > > > > Hi, > > > > I´ve got a cluster of pfsense 1.2.3 firewalls, but I´m having troubles > to install packages on backup firewall. > > > > I need to promote backup firewall to master without switching off the > master (reason is that squid is only in master firewall and cannot halt the > system to force backup promotion) > > > > Would be enough to change in Virtual IPs the Advertising Frequency from > 0 to 100 in master, and 100 to 0 in backup? > > > > In CARP settings for both fw Sync is enabled, but in backup fw > checkboxes are not checked, preventing surprises.... > > > > Thank you > > Best Regards > > -- > > dpc**** > > > _______________________________________________ > > List mailing list > > [email protected] > > http://lists.pfsense.org/mailman/listinfo/list > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list**** > > > > > -- > dpc**** > > > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list**** > > > > **** > > ** ** > > -- > dpc**** > > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list > > -- dpc
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
