Hello,
I know this is a bit short on details but... I have 4 pfSense boxes in
two fail-over sets, one set is my edge firewall and the other is inside
of the first between LAN and a DB zone. I have remote access through
OpenVPN that puts me in the LAN where I can get to interface IPs of
either set of pfSense boxes. On the boxes between the LAN and the DB
zone I can connect to either box using what would normally be either of
the WAN interface IPs. The problem is that on the edge boxes I can
only get to the primary, the slave is inaccessible. The only difference
I can see is which zone the interface I am trying to access is in, WAN
vs LAN. The access rules are the same on both sets. Is there some
reason that would prevent me from accessing both pfSense boxes while
they are in fail-over mode from the LAN side as I have described? I am
wondering if it is because while a master is up the slave just doesn't
respond to traffic on the LAN side but does on the WAN side? Has anyone
else run into a situation like this? If so, could you share your
solution if you found one? I know I could create a VPN to both of the
WAN IPs of the edge FWs but I would like to limit access to just the
one CARP IP into the LAN zone.
Thanks,
JohnM