Hi,
first of all I'm sorry for my poor English...
I configured 2 Opnsense in HA and the synchronization is ok. My IP conf is:
- Firewall 1 (Master) WAN Interface a.b.c.11/29
- Firewall 1 (Master) LAN Interface 192.168.0.5/24
- Firewall 2 (Slave) WAN Interface a.b.c.12/29
- Firewall 2 (Slave) LAN Interface 192.168.0.6/24
- WAN CARP VIP on both Firewall a.b.c.10/29
- LAN CARP VIP on both Firewall 192.168.0.254/24
On the Master FW I have checked all the synchronization option, form Dashboard to Unbound DNS.
My problem is with WEB Proxy. I enabled Web Filtering for HTTP (Enable Transparent HTTP proxy checked) and HTTPS (Enable SSL inspection checked). Everything works ok until the Firewall Master ip up. When I simulate a down of the Firewall Master, all CAPR VIPs are switched to the Firewall slave, but the Web filtering doesn't work anymore. The firewall rules are the same on both Firewall. From the clients I have access to internet (I can ping google.com) but the clients are unable to browse the internet. The problem is with the certificate. Of course I use the same CA (auto created) and Server Certificate (auto created) on both Firewall.
Can someone help me, please?
Thank you very much