Op 22-12-2010 11:22, Vincent Hoffman schreef:
At work we've a couple of servers running a synced pfsense cluster with IPsec tunnels to 2 other pfsense firewalls. While I can see that CARP syncs the configs across within the cluster I cant find anything that specifically says that if the primary node dies the ipsec (racoon) demon will start up automatically on the backup, and since its in production now I cant easily get permission to test. Can anyone confirm that if the primary dies the secondary will start up racoon and re-establish the IPsec tunnels, or if this is a manual process? So far management has been very impressed with pfsense so I can finally sneak FreeBSD into production here;)
Use one of the CARP IP addresses as the endpoints, then it will negotiate the tunnel again with the other node.
Regards, Seth --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
