FYI, I also posted this on the Reddit grp, hoping will get answer on either forum.
I managed to get High Availability/CARP working.
Firewall 1 IP: 192.168.1.1
Firewall 2 IP: 192.168.1.10
VIP LAN: 192.168.1.220
Now, my problem is with existing IOT devices (lots!) and Proxmox LXC/VMs which I have set up with static IPs/Gateways where the Gateway is pointing to 192.168.1.1. So, when I switch the Master over to 192.168.1.10, everything stops working. I can manually change all my existing devices Gateway to the VIP LAN IP of 192.168.1.220 but its going to be painful. Its also not a smart way of doing this in case I need to revert back to a single Firewall. Is there a smarter or simpler way of doing this? Googling didnt turn up anything. Thanks.
In many cases when you migrate from a single firewall to an HA pair, you give both firewalls new addresses and use the former address of the sigle unit for CARP/HA. That way no changes are necessary in the rest of your network.
Thanks for sharing your experience on this. Now why didnt I think of this earlier??! ::) Guess my brain was only chasing the path of maybe there is a setup in Opnsense to point the 192.168.1.1 GW to 192.168.1.220! Your solution is simple and works.