pfSense Support Subscription

Author Topic: WAN Gateway Issues with CARP IP enabled.  (Read 242 times)

0 Members and 1 Guest are viewing this topic.

Offline AnthonyW

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
WAN Gateway Issues with CARP IP enabled.
« on: October 18, 2017, 09:09:19 am »
Good morning

I'm stuck with a problem I've been trying to work through off and on for for about two weeks now.
I'm hoping you can help shed some light on this strange and frustrating issue I'm seeing in my HomeLab.

So for my lab. I have two virtual instances of pfSense running on VMware 6.0.
There are three vNICSs on each instance. WAN, LAN, SYNC, each on there own vlan
There is one vSwitch, trunking across 4x physical interfaces to a Cisco 3750.
The cable modem is connected to a port on the 3750G which is assigned to the same vlan as the wan interfaces in pfSense.
I have business class service providing a /29 from WoW.

Each FW works as expected when using just the WAN IP address with no CARP IP setup.
When I add the WAN CARP IP address. I get gateway loss from the WAN interface of which ever firewall is the master.
The slave does not see this issue, until it becomes the master and is holding the CARP IP.

The CARP IP addresses and NAT appear to be working fine, I'm not seeing any issues there.
I'm looked at ARP and I do see that the mac addresses are unique. I checked, because I was hoping if the mac were not unique that would explain that I was seeing. 

I checked the cable modem and cleared the ARP cache there, and I'm still seeing the same thing.
I've ran packet captures, nothing that stood out as unusual. Ping tested from the WAN interface to the gateway and verified it wasn't just a visual monitor issue on pfSense.

I'm unsure where to go from here.

I've attached some screenshots. Any help or direction would be greatly appreciated. Let me know what else I can provide

Thanks and regards,
-Anthony-

Offline AnthonyW

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: WAN Gateway Issues with CARP IP enabled.
« Reply #1 on: October 24, 2017, 10:01:42 am »
There was a response on here a few minutes ago and I'm unsure what happened, but the post is no longer here.
I see it was a first post.
To the dude who posted, the solution worked for me and everything is showing normal now.

The solution was to add a NAT rule from the WAN interface for this firewall to the CARP VIP IP.
If I could buy you a beer I would, this resolved my issue.

Offline Polderdijk

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: WAN Gateway Issues with CARP IP enabled.
« Reply #2 on: October 30, 2017, 03:56:09 am »
Hi AnthonyW,

I'm sorry, i reply with this solutions but deleted the post because i thought it was in the wrong topic :) But now I see you and another topic needs the same solution  8)

Offline AnthonyW

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: WAN Gateway Issues with CARP IP enabled.
« Reply #3 on: October 30, 2017, 12:33:27 pm »
Thanks for the help. I was really stuck.
If you private message me your paypal. I'll send you a beer.