I’m not running CARP but I am doing many things like yours on my Comcast Business account…
I’ve never had that happen - and I think my modem only reboots when I lose power (it’s on the UPS but not on battery - by design). Which modem did they install? I suspect it’s a firmware “feature” of that modem. On May 9, 2014, at 21:56, Aaron C. de Bruyn <[email protected]> wrote: > Spent about an hour beating my head against the wall with this issue, > hopefully this will save others some time. > > We had a stand-alone pfSense router. > We just purchased two machines from ixsystems and were preparing them to be a > failover pair of pfSense routers and then decommission the smaller older box. > > While we were installing the new servers, the HDD in the old firewall died. > > We figured we would just get the two new boxes up. > > Plugged them into the Comcast modem and configured everything. > > Comcast assigned us a /28 a while back and we were using a handful of IPs to > access various internal services over HTTPS. > > The /28 looked roughly like: > .1 - router1 > .2 - router2 > .3 - exchange (CARP) > .4 - remote (CARP) > .5 - VPN (CARP) > .6 - spamfilter (physical machine) > ...etc > > After everything was configured, I had someone test remotely that they could > access the interface for router1 and router2 remotely. > > I then went home to finish up a few config details remotely. > > When I got home, I found I could access router1 and router2 as well as the > physical spam filter, but I couldn't access any of the HTTPS services on the > CARP IPs. > > I checked my NAT rules about 100 times, looked through firewall logs, and > found nothing. > > Finally I connected in to the spam filter (linux box) and ran 'openssl > s_client -connect exchange.example.tld:4433' and noticed it worked perfectly > from a machine on the same WAN segment. ...but not remotely. > > I called Comcast and had them remotely reboot the modem. Everything > immediately came up and started working perfectly. > > Hopefully this will save someone time. Reboot the brain-damaged Netgear CPE > after swapping hardware around. > > -A > > > > _______________________________________________ > List mailing list > [email protected] > https://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
