Jose Hernandez wrote:
Hi there,
I’m using pfSense 1.2-RELEASE, my problem is that when I create a CARP
Virtual IP, the firewall becomes unresponsive. Is this something
someone else has experienced? Is there any workaround?
I don’t know if related but in the system logs I see the below lines
which
May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
May 27 14:19:48 kernel: arp_rtrequest: bad gateway 10.200.0.1 (!AF_LINK)
May 27 14:16:20 php: : XMLRPC sync successfully completed with
http://192.168.0.2:80.
May 27 14:16:20 php: : Beginning XMLRPC sync to http://192.168.0.2:80.
May 27 14:16:19 check_reload_status: reloading filter
May 27 14:16:18 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
May 27 14:16:10 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX
(!AF_LINK)
I would appreciate if anyone can look into this and advise.
Thanks,
Any chance you added a CARP VIP that is not a part of the logical subnet
attached to that interface? IE: a public-facing IP address that is not
part of your WAN subnet? This shouldn't be possible to do in the
1.2-release webGUI, and it will absolutely break your box if you manage it.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
