And one minor thing I overlooked, on option 4 enter the "Remote System Password" item as well.
On 10/18/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > I'll quickly summarize the steps you need to take: > > 1. Setup the primary firewall with a unique IP for wan and lan that > you will not be using in the CARP failover group. Each firewall must > have it's own unique ip for both WAN and LAN. > 2. Setup the secondary firewall with a unique IP for wan and lan that > you will not be using in the CARP failover group. Each firewall must > have it's own unique ip for both WAN and LAN. > 3. On the primary firewall, setup your virtual ip's that you wish to > share on the CARP cluster > 4. Visit CARP Settings on the primary firewall and enable all options > except load balancing. In the "Synchronize to IP" box insert the > _UNIQUE_ LAN IP of the seondary firewall. This will basically force > all the common settings to the backup automatically! > 5 Visit CARP Settings on the secondary firewall and enable preemption _ONLY_. > 6 Setup advanced outbound NAT on the primary firewall and make sure > that your directing all outbound traffic through one of your virtual > ip's so that when a failover occurs, there is no states using either > of the unique ip's > > That's about it If you follow the above, it should work, granted I > didn't overlook anything minor. > > Scott > > > > > On 10/18/05, Alex Moura <[EMAIL PROTECTED]> wrote: > > Hello, > > > > I'll lecture a training scheduled for next week, where I plan > > to talk about pfSense, besides m0n0wall. > > > > I'd like to show them the failover feature, but it didn't work > > as expected, following the website's tutorial. I also did > > searches at the mailing list history and I haven't found any > > messages about problemas or hints with this feature, with > > leads me to think that my configuration is missing something. > > > > About the configuration made: > > > > 1) Started with two factory reset pfSense 0.86.4 Generic PC firewalls. > > > > 2) Followed the animated tutorial for failover > > > > 3) Noticed that that tutorial misses the sync interfaces configuration, > > that should be done prior the failover steps, so I did factory reset the > > firewalls and started over. > > > > 4) Noticed that the backup firewall carp interfaces screen isn't the > > exactly the same that the tutorial shows: it's missing the icons and is > > blank > > where it should be showing > > > > 5) Confirmed: > > - That the WAN and LAN Virtual IPs were pinged from the LAN client > > - The client was able to navigate using the LAN Virtual IP as a gateway > > - That packets arrived external sites with the WAN Virtual IP > > - When I shutdown the Master firewall, both Virtual IPs also disappeared. > > > > There's an PDF to illustrate what happened, and a jpg with the lab scenario > > available at: > > http://alexsm.sites.uol.com.br/pfsense-carp-pfsync-lab.pdf > > http://alexsm.sites.uol.com.br/treinamento_bsd_fws.jpg > > > > I've just noticed that the pfSense-LiveCD-0.87.iso is available. > > I haven't tested it, but if my configuration isn't correct, I guess it > > doesn't matter the pfsense version, right? :-) > > > > Thank you in advance. > > > > Best regards, > > > > Alex > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
