OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: akanarya on January 26, 2021, 10:03:15 AM

Title: cascaded firewall clusters
Post by: akanarya on January 26, 2021, 10:03:15 AM
Hi,

I have 2 OPNsense HA clusters: FW1 & FW2 as one group (A) and FW3 & FW4 as one group (B).

When I connect the groups directly to the modem, they can reach the internet without any problem.
However, if I put group B behind group A so that group B internet traffic goes through group A,
my modem (DrayTek) classifies the gr B virtual MAC as an "ARP spoofing attack" and blocks it.

Btw, on the WAN interface of gr B, I disabled "block private networks", since the gr B WAN interface is connected to the gr A LAN interface.

Client --> (LAN - Gr B - WAN) ---> (LAN - Gr A - WAN) ---> Modem

What do you think? Can it be a NAT issue, which was tailored for HA?
I couldn't understand the reason; any help is appreciated.
Ali