Well I got most of my problems of last week sorted - a couple of configuration errors is all it takes to get things badly confused.
I am now left with some 'real' errors.... I have two boxes in parallel, running with Carp used to service 6 addresses in total - 3 on the WAN interface and the remaining 3 spread between 3 internal interfaces. All seems to work OK - when I check the Carp status on FW1 all CARP addresses show up as Master. However, when I check the same on FW2 all addresses except 1 show up as Backup - the odd one out shows up as Master. The logs show 'arp_rtrequest: bad gateway y.y.y.y (!AF_LINK)', where y.y.y.y is the affected Carp address - this seems to occur every few seconds, so I assume that Carp is trying to assert control over the address. Any idea what is wrong? My second problem concerns Failover Ipsec. When I check the SAD on the active firewall I see a pair of entries for a live IPsec tunnel, however the same information is not shown on the other firewall. Is this expected behaviour? Cheers /Peter -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
