OPNsense Forum
Archive => 22.7 Legacy Series => Topic started by: loganx1121 on October 04, 2022, 12:56:52 pm
-
I'm planning to get a second firewall of the same hardware and doing HA but I'm a little confused about where the VIPs need to be.
There will be a single cisco switch running 2, 4 port LAGs to both firewalls. All of the VLANs will pass over these LAGs. The ISP connection will go to a switch and then from the switch to the firewall.
Standard HA setup seems pretty simple, but I'm wondering how I would do HA on the backend of the firewall with the LAGs and VLANs. Would each VLAN need a VIP configured for it? Or would that mess things up because the VLANs are running over LAGs? If each VLAN does need a VIP should that be configured as a CARP VIP?
Thanks in advance.