Hi,
I am not very skilled with pfSense but have been tasked with building a failover pair. I have been working on this for quite some time now and have come quite a bit further but am now stuck in a rut. I have read through quite a few questions on the forum but did not see anything that was of use for the issue, any help would be much appreciated.
Hardware:-HP C7000 Blade Center
-Has 2 built in WS-CBS3020-HPQ Cisco switches. These are connected via trunk links to
-2 Cisco 2960G’s
Setup:I currently have the pfSense firewalls set up on the virtual platform, and some servers set up which are connected to the LAN. The firewalls were set up according to
http://mirror.qubenet.net/mirror/pfsense/tutorials/carp/carp-cluster-new.htm . There were a few small differences though as I gather that tutorial is a bit old but it was still very helpful.
Issue:Currently I can ping all the outside IP’s from externally including that of the CARP. I can ping all of the IP’s from the active firewall, including the servers IP’s. There are ARP entries on it for everything except for the CARP IP’s. On the standby firewall I cannot ping the CARP IP’s but there are entries for them in the ARP table. I was having an issue before but I changed the Net.ReversePathFwdCheckPromisc as per this document
http://doc.pfsense.org/index.php/CARP_Configuration_Troubleshooting , this all works as I would expect it to now which is great.
The issue is that the servers can ping each other, as well as all the real IP addresses of the firewalls but cannot ping the CARP IP for the LAN subnet which is the default gateway which is a real problem as you can imagine. Please help.
Thanks,
Chris
pfSense Forum
