Re: [pfSense] Sync problem betweens 2 nodes

Fri, 01 Apr 2016 09:00:06 -0700 

Le 01/04/2016 17:36, Steve Yates a écrit :

So the configuration is sync'd successfully, but the next time the sync happens 
the slave loses its rules?

Not exactly : Only SYNC interface rules is empty on slave. (the last one)
Others interfaces rules sync OK. I have verified the behavior with Firewall disabled on slave. 



Is the slave also set to sync to the master?  That should not be the case.

No it is not set.


My initial problem was there is a field to type a username for syncing but that is 
ignored and pfSense is hardcoded to use "admin"...but it sounds like you get a 
successful sync so that can't be it.

Yes it is working, but only once. Then as Sync Rules is empty on slave 
it is blocked.


Now I only have issues with the Suricata package sync occasionally causing the 
web GUI (I think PHP-FPM really, which prevents the GUI from working) on the 
slave to stop responding.

--

Steve Yates
ITS, Inc.

Thank you.


-----Original Message-----
From: List [mailto:[email protected]] On Behalf Of Raphaël RIGNIER
Sent: Friday, April 1, 2016 10:23 AM
To: [email protected]
Subject: [pfSense] Sync problem betweens 2 nodes

Hi community.
I'm trying to sync 2 SG-8860 nodes for high avaibality.
Relase 2.2.6-RELEASE
I've read the doc on HA from portal.pfsense.org but I'm having an issue.

Configuration sync from master to slave is almost working.
But SYNC interface's Firewall rules are cleared on slave each sync attempt.
If I add a temp allow all rule on slave's SYNC interface, as describe in doc, 
it is cleared on the next sync event.
Even if the allow rule is present on master.

I Haven't seen anithing insterstoing in log files.

Does someone  have an idea ?

Thank you.
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold






















					Reply via email to