Hi everyone,
I'm getting this behavior and I can't find the reason. I've tested the same scenario with pfSense 2.3.4 and 2.4.0-RC and I've posted in the forums without a reply [1]. I'm not sure if it's a configuration error or a bug, and I would prefer to confirm with an expert.

Briefly, when there are established connections through a non-default gateway (e.g. GW2 configured according to a firewall rule) and I change the master unit (e.g. disabling CARP on Pfsense1, previously the master), these connections are broken. Pfsense2, now the master unit, tries to route this traffic through GW1 (instead of GW2), using the WAN2 HA IP for outbound NAT. That is not right.

Although if I close and retry the connections (like an SSH client), the new connections are routed according to the rule, through GW2, as Pfsense1 did when it was the master unit.

I know pfSense can't filter traffic from the firewall itself, and it's as if the established connections were also traffic from the firewall itself in those states.

Does anyone know this behavior? Is there no solution?

Regards,

[1]: https://forum.pfsense.org/index.php?topic=136739.msg749477#msg749477
