OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: Patrick M. Hausen on April 06, 2021, 09:42:32 am

Title: Which outbound IP address in a CARP setup?
Post by: Patrick M. Hausen on April 06, 2021, 09:42:32 am

Hi all,

I will implement my first HA setup this week. With a pair of firewalls and CARP active, which IP address will OPNsense use for outbound connections to WAN/default? The individual firewall's address or the CARP one?

Important for mail, SPF records, etc.

Thanks!
Patrick

Title: Re: Which outbound IP address in a CARP setup?
Post by: Cerberus on April 06, 2021, 10:47:23 am

I just put a HA setup in production two weeks ago.

The Firewall itself uses its own IP, internal IPv4 traffic behind the firewall should use outbound nat and the CARP address, same goes for IPSEC and other stuff that you want in HA.

Title: Re: Which outbound IP address in a CARP setup?
Post by: Patrick M. Hausen on April 06, 2021, 11:41:45 am

Thanks. That means the only special case will probably be the postfix for outgoing email.

Title: Re: Which outbound IP address in a CARP setup?
Post by: mimugmail on April 06, 2021, 09:07:46 pm

Try setting SMTP Client address to LAN, then you can Nat to HA IP in WAN