Hi
We have a pair of pfSense boxes under test, and most things seem to be working very well. CARP/failover is looking good, and I'm highly impressed with the product (which is new to me) so far!
Just a question about "pfsync" though - as I can't seem to find any detailed docs or tutorials. We have dedicated "LAN5" interfaces on both boxes, for the pfsync traffic, as recommended. Firewall-A (on 192.168.5.10) is set to sync to Firewall-B (on 192.168.5.20) and this works in terms of rules etc. But how should Firewall-B be configured? Ie, should that be configured to sync to Firewall-A explicitly, or is this nonsensical? What I'm getting it at is this - is the "pfsync" concept fully bi-directional? So that each firewall can update the other with rule changes etc?
Or are changes only supposed to be made on the 'master' and replicated to the 'backup'? Thus, on Firewall-B, should the "sync to" box just be left empty?
I hope the question makes sense, as I'm a little confused at the moment....
Regards
Alastair
SysAdmins Ltd
Title: pfsync settings - clarification needed
- [pfSense Support] pfsync settings - clarification needed Alastair Stevens
- Re: [pfSense Support] pfsync settings - clarificatio... Scott Ullrich
- RE: [pfSense Support] pfsync settings - clarific... Alastair Stevens
- Re: [pfSense Support] pfsync settings - clar... Scott Ullrich
