Hi,
I'm running into trouble with using OPNSense with CARP. It all worked fine in a test environment where I was able to put vSwitches into promiscuous mode and with forged transmits enabled. However the production vClouds we use are IAAS and using these settings is not supported there.
I was wondering if it's possible to use Keepalived on OPNSense as this works out of the box in our vClouds, I have a few VyOS routers and a few CentOS boxes using it.
Other options/solutions are welcome as wel. Problem with CARP seems to be the mac address for a carp interface that doesn't match the physical interface it's mac.
I really like to use OPNSense as VPN solutions as it integrates nicely with my AD.
Is it possible to use the XMLRPC sync without CARP ? That way I could potentially use a manual failover instead of CARP... If the config (users, ldap, certs) are available I only have to add ip addresses manually.