Text only | Text with Images

OPNsense Forum

English Forums => High availability => Topic started by: Tenn-it on June 18, 2025, 06:20:42 AM

Title: Is is possible to convert this setup to HA?
Post by: Tenn-it on June 18, 2025, 06:20:42 AM
I currently use Opnsense and have been for over a year. Previously I used Pfsense. The OPnsense setup is a VM and works great.

Currently, the Opnsense VM serves as the internet gateway for our network. It also has two public facing IP addresses. One is the WAN and one is a virtual IP address.

The two public IP addresses are static IP addresses and both have ports forwarded to internal devices.

These are the fictitious addresses:
LAN = 192.168.1.50
WAN=12.345.67/24
WAN2 (virtual IP)= 12.345.68/24

I don't have a third public ip address available.

Currently I have this VM installed on two hosts with identical setups. I can start one and it works, I can then stop it and start the other and it works. I just want to have it so that if one dies, the other will take over and vice versa.

Is that possible?

Thanks!
Title: Re: Is is possible to convert this setup to HA?
Post by: Patrick M. Hausen on June 18, 2025, 09:11:47 AM
You need three addresses on each network - one static for each firewall, plus a floating one for CARP.
Title: Re: Is is possible to convert this setup to HA?
Post by: Tenn-it on June 19, 2025, 12:21:30 AM
Thanks!
Text only | Text with Images