1
High availability / Re: HA Pair - 2nd having connectivity problems
« Last post by Monviech on Today at 08:44:00 pm »Sorry my crystal ball has run dry right now.
If deactivating pf solves the issue, I would check the NAT rules again. Maybe there is a NAT rule that matches on all traffic and NATs the firewall traffic itself.
But, I'm only guessing now.
I ran the exact same combination as you before (2 OPNsense in HA with juniper as gateway, /26 and additional /27 net) and both had internet, and the ruleset was really really complicated.
I'm sure its something annoyingly simple and easy.
Check the firewall live log, log all rules. Check tcpdump what happens to the pakets. Etc...
If deactivating pf solves the issue, I would check the NAT rules again. Maybe there is a NAT rule that matches on all traffic and NATs the firewall traffic itself.
But, I'm only guessing now.
I ran the exact same combination as you before (2 OPNsense in HA with juniper as gateway, /26 and additional /27 net) and both had internet, and the ruleset was really really complicated.
I'm sure its something annoyingly simple and easy.
Check the firewall live log, log all rules. Check tcpdump what happens to the pakets. Etc...