Messages

1

High availability / Re: IPSec Site to Site Tunnel with HA

« on: September 25, 2020, 03:54:01 am »

Thank you. That seems to have solved the problem. For whatever reason, the CARP address was not selectable when we created the tunnel. But, it was there when I went to edit it.

Thanks

2

High availability / Re: IPSec Site to Site Tunnel with HA

« on: September 24, 2020, 02:21:19 am »

Here you go.

3

High availability / Re: IPSec Site to Site Tunnel with HA

« on: September 23, 2020, 03:53:08 pm »

This did not work. Both nodes are coming up and trying to connect to the IPSEC tunnel. That is not what should be happening.

4

High availability / Re: IPSec Site to Site Tunnel with HA

« on: September 22, 2020, 07:02:46 pm »

I will try that and let you know what happens.

5

High availability / IPSec Site to Site Tunnel with HA

« on: September 21, 2020, 11:00:31 pm »

I have 2 OPNSense appliances configured and running in HA mode. CARP / HA Failover / pfSync seem to be working fine, except for one thing. We have an IPSec tunnel to a remote site that needs to be re-established when the failover occurs. In our case, the IPSec tunnel does not re-establish (yes, IPSec is selected to sync and it appears to be working).

What I would expect is that the MASTER would connect to the tunnel and upon failover, the BACKUP would connect to the tunnel. But, what I see is that both the MASTER and the BACKUP are attempting to connect at the same time.

Are there any documents or sample configurations for this? I can't seem to find any and would like some assistance with this.