Netgate Store

Author Topic: IPSEC / CARP - Re-Keys on failover  (Read 38 times)

0 Members and 1 Guest are viewing this topic.

Offline RusG3G

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
IPSEC / CARP - Re-Keys on failover
« on: May 16, 2018, 07:59:00 am »

We recently configured PFSense is a HA (Active/Passive) setup, where IPSEC is done to a CARP interface. When the firewall is failed-over to the secondary node the VPN's all re-key.

My question is;

Is there a way to avoid this?
Is this a limitation of the PFSense IPSEC / CARP implimentation?